Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

Tenable Nessus
Tenable Nessusadded 2024/09/24 12:0 a.m.23 views

EulerOS 2.0 SP8 : curl (EulerOS-SA-2024-2460)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowe...

8.6CVSS6.7AI score0.01962EPSS
Exploits2References3
Tenable Nessus
Tenable Nessusadded 2024/04/05 12:0 a.m.50 views

Rocky Linux 8 : curl (RLSA-2024:1601)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1601 advisory. - An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback...

6.5CVSS7.5AI score0.00631EPSS
Exploits2References8
Tenable Nessus
Tenable Nessusadded 2024/04/02 12:0 a.m.177 views

CentOS 8 : curl (CESA-2024:1601)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:1601 advisory. - An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback...

6.5CVSS7.4AI score0.00631EPSS
Exploits2References4
Tenable Nessus
Tenable Nessusadded 2024/01/16 12:0 a.m.49 views

EulerOS Virtualization 2.11.1 : curl (EulerOS-SA-2023-2719)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass...

9.8CVSS7.2AI score0.00631EPSS
Exploits7References8
OpenVAS
OpenVASadded 2023/08/08 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2608)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.2AI score0.00631EPSS
Exploits2References2
Tenable Nessus
Tenable Nessusadded 2023/08/08 12:0 a.m.20 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-2608)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as 'Subjec...

5.9CVSS6.5AI score0.00631EPSS
Exploits2References3
Tenable Nessus
Tenable Nessusadded 2023/08/02 12:0 a.m.23 views

AlmaLinux 9 : curl (ALSA-2023:4354)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4354 advisory. - An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as Subject...

5.9CVSS6.5AI score0.00631EPSS
Exploits2References3
Tenable Nessus
Tenable Nessusadded 2023/08/02 12:0 a.m.20 views

Oracle Linux 9 : curl (ELSA-2023-4354)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4354 advisory. - unify the upload/method handling CVE-2023-28322 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

5.9CVSS6.5AI score0.00631EPSS
Exploits2References3
Tenable Nessus
Tenable Nessusadded 2023/07/18 12:0 a.m.30 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2023-2376)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as 'Subjec...

5.9CVSS6.5AI score0.00631EPSS
Exploits2References3
OSV
OSVadded 2023/05/17 8:0 a.m.29 views

CURL-CVE-2023-28322 more POST-after-PUT confusion

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...

5.3CVSS6.3AI score0.00631EPSS
Exploits1
OpenVAS
OpenVASadded 2023/04/27 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1633)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.01853EPSS
Exploits2References2
Tenable Nessus
Tenable Nessusadded 2023/04/27 12:0 a.m.31 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2023-1633)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when...

9.8CVSS7.1AI score0.01853EPSS
Exploits2References3
OpenVAS
OpenVASadded 2023/03/09 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1496)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.01853EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2023/01/25 12:0 a.m.49 views

AlmaLinux 9 : curl (ALSA-2023:0333)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:0333 advisory. - When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option h...

9.8CVSS6.9AI score0.01853EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2023/01/24 12:0 a.m.40 views

Oracle Linux 9 : curl (ELSA-2023-0333)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0333 advisory. 7.76.1-19.el91.1 - fix POST following PUT confusion CVE-2022-32221 Tenable has extracted the preceding description block directly from the Oracle Linux security...

9.8CVSS7.1AI score0.01853EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2022/12/22 12:0 a.m.47 views

Fedora 36 : curl (2022-01ffde372c)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-01ffde372c advisory. - url: use IDN decoded names for HSTS checks CVE-2022-42916 - httpproxy: restore the protocol pointer on error CVE-2022-42915 - netrc: replace fgets...

9.8CVSS7.3AI score0.01853EPSS
Exploits2References5
Tenable Nessus
Tenable Nessusadded 2022/12/09 12:0 a.m.34 views

Amazon Linux 2022 : curl (ALAS2022-2022-246)

The version of curl installed on the remote host is prior to 7.86.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-246 advisory. - When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send,...

9.8CVSS7.2AI score0.01853EPSS
Exploits2References9
Amazon
Amazonadded 2022/12/06 12:0 a.m.57 views

Medium: curl

Issue Overview: A vulnerability was found in curl. The issue occurs when doing HTTPS transfers, where curl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set if it previously used the same handle to issue a PUT...

9.8CVSS7.1AI score0.01853EPSS
Exploits2
Mageia
Mageiaadded 2022/11/01 10:58 p.m.195 views

Updated curl packages fix security vulnerability

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. CVE-2022-32221...

9.8CVSS8.7AI score0.01853EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2022/10/27 12:0 a.m.27 views

SUSE SLES12 Security Update : curl (SUSE-SU-2022:3770-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:3770-1 advisory. - When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the...

9.8CVSS6.9AI score0.01853EPSS
Exploits1References4
Rows per page
Query Builder