Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Ubuntu
Ubuntuadded 2023/09/11 6:0 p.m.64 views

USN-6237-3: curl vulnerabilities

USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote...

5.9CVSS6.6AI score0.00631EPSS
Exploits2
Cloud Foundry
Cloud Foundryadded 2023/08/10 12:0 a.m.47 views

USN-6237-2: curl regression | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original...

5.9CVSS7.3AI score0.00631EPSS
Exploits2Affected Software3
OpenVAS
OpenVASadded 2023/07/20 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-6237-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.3AI score0.00631EPSS
Exploits2References2
Ubuntu
Ubuntuadded 2023/07/19 5:34 p.m.74 views

USN-6237-2: curl regression

USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Hiroki Kurosawa discovered that curl incorrectly handled validating certain...

6.6AI score
Exploits0References1
Veracode
Veracodeadded 2023/06/07 10:17 a.m.51 views

Improper Certificate Validation

libcurl.so is vulnerable to Improper Certificate Validation. In place of a library's built-in name matching function, Curl may utilize its own name matching function for TLS. IDN hosts could be mismatched by this private wildcard matching function since they are rendered in a weak form before...

5.9CVSS6.7AI score0.00297EPSS
Exploits1References16Affected Software1
Debian CVE
Debian CVEadded 2023/05/26 12:0 a.m.50 views

CVE-2023-28321

An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...

5.9CVSS6.6AI score0.00297EPSS
Exploits1
Vulnrichment
Vulnrichmentadded 2023/05/26 12:0 a.m.3 views

CVE-2023-28321

An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...

5.8AI score0.00297EPSS
Exploits1References12
Rows per page
Query Builder