Lucene search
K

17 matches found

RedHat Linux
RedHat Linux
added 2023/11/02 4:9 p.m.66 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

5.9CVSS7AI score0.06208EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/10/10 3:28 p.m.70 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

5.9CVSS6.6AI score0.02211EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2023/10/10 12:0 a.m.33 views

RHEL 9 : curl (RHSA-2023:5598)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5598 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

5.9CVSS6.6AI score0.02211EPSS
Exploits2References7
OSV
OSV
added 2023/10/06 11:10 p.m.34 views

RLSA-2023:4523 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: GSS delegation too eager connection re-use CVE-2023-27536 curl: IDN wildcard match may lead to Improper Cerificate...

5.9CVSS7.9AI score0.0181EPSS
Exploits2References3
OSV
OSV
added 2023/09/24 10:16 p.m.35 views

MGASA-2023-0263 Updated curl packages fix security vulnerability

TELNET option IAC injection. CVE-2023-27533 SFTP path resolving discrepancy. CVE-2023-27534 FTP too eager connection reuse. CVE-2023-27535 GSS delegation too eager connection re-use. CVE-2023-27536 HSTS double free. CVE-2023-27537 SSH connection too eager reuse still. CVE-2023-27538 UAF in SSH...

9.8CVSS5.9AI score0.62246EPSS
Exploits11References17
RedHat Linux
RedHat Linux
added 2023/08/08 8:28 a.m.50 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

5.9CVSS6.6AI score0.0181EPSS
Exploits2References3
OSV
OSV
added 2023/08/08 12:0 a.m.33 views

ALSA-2023:4523 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: GSS delegation too eager connection re-use CVE-2023-27536 curl: IDN wildcard match may lead to Improper Cerificate...

5.9CVSS7.9AI score0.0181EPSS
Exploits2References6
AlmaLinux
AlmaLinux
added 2023/08/08 12:0 a.m.57 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: GSS delegation too eager connection re-use CVE-2023-27536 curl: IDN wildcard match may lead to Improper Cerificate...

5.9CVSS6.9AI score0.0181EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2023/08/01 8:55 a.m.49 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

5.9CVSS6.6AI score0.02211EPSS
Exploits2References3
OSV
OSV
added 2023/06/29 8:30 p.m.10 views

CLSA-2023-1688070599 Fix CVE(s): CVE-2023-28322, CVE-2023-28321

SECURITY UPDATE: More POST-after-PUT confusion - debian/patches/CVE-2023-28322.patch: fix mess in upload/method handling - CVE-2023-28322 SECURITY UPDATE: incorrect IDN wildcard match - debian/patches/CVE-2023-28321.patch: fix erroneous logic in wildcard handling, drop support for wildcards in th...

5.9CVSS6.8AI score0.02211EPSS
Exploits2References1
OSV
OSV
added 2023/06/21 4:13 p.m.9 views

SUSE-SU-2023:2224-2 Security update for curl

This update for curl adds the following feature: Update to version 8.0.1 jscPED-2580 - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check bsc1211230. - CVE-2023-28320: siglongjmp race condition bsc1211231. - CVE-2023-28321: IDN wildcard matching bsc1211232. - CVE-2023-28322:...

7.5CVSS5.7AI score0.02658EPSS
Exploits4References9
Hacker One
Hacker One
added 2023/05/18 9:11 a.m.81 views

Internet Bug Bounty: CVE-2023-28321: IDN wildcard match

CVE-2023-28321 is a vulnerability in curl that allowed for improper validation of certificates with host mismatch. The private wildcard matching function in curl could match IDN International Domain Name hosts incorrectly, potentially accepting patterns that should have mismatched. This issue was...

5.9CVSS6.7AI score0.0181EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/05/18 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:2227-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7AI score0.02658EPSS
Exploits3References7
RedhatCVE
RedhatCVE
added 2023/05/17 9:27 a.m.30 views

CVE-2023-28321

A flaw was found in the Curl package. An incorrect International Domain Name IDN wildcard match may lead to improper certificate validation...

5.9CVSS6.2AI score0.0181EPSS
Exploits1References4
OSV
OSV
added 2023/05/17 7:59 a.m.8 views

SUSE-SU-2023:2228-1 Security update for curl

This update for curl fixes the following issues: - CVE-2023-28320: Fixed siglongjmp race condition bsc1211231. - CVE-2023-28321: Fixed IDN wildcard matching bsc1211232. - CVE-2023-28322: Fixed POST-after-PUT confusion bsc1211233. - CVE-2023-27533: Fixed TELNET option IAC injection bsc1209209. -...

9.8CVSS6.2AI score0.02658EPSS
Exploits10References22
OSV
OSV
added 2023/05/17 7:54 a.m.5 views

SUSE-SU-2023:2224-1 Security update for curl

This update for curl adds the following feature: Update to version 8.0.1 jscPED-2580 - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check bsc1211230. - CVE-2023-28320: siglongjmp race condition bsc1211231. - CVE-2023-28321: IDN wildcard matching bsc1211232. - CVE-2023-28322:...

7.5CVSS5.7AI score0.02658EPSS
Exploits4References9
FreeBSD
FreeBSD
added 2023/03/21 12:0 a.m.45 views

curl -- multiple vulnerabilities

Wei Chong Tan, Harry Sintonen, and Hiroki Kurosawa reports: This update fixes 4 security vulnerabilities: Medium CVE-2023-28319: UAF in SSH sha256 fingerprint check. Reported by Wei Chong Tan on 2023-03-21 Low CVE-2023-28320: siglongjmp race condition. Reported by Harry Sintonen on 2023-04-02 Low...

7.5CVSS7AI score0.02658EPSS
Exploits4References4
Rows per page
Query Builder