SUSE SLES15 Security Update : curl (SUSE-SU-2024:3080-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3080-2 advisory. - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str bsc1228535 Tenable has extracted the preceding description block...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2022)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS: Security Advisory for curl (CESA-2023:7743)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : curl (RHSA-2023:5763)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5763 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

AlmaLinux 9 : curl (ALSA-2022:5245)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5245 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2325)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Update of libcurl-devel, libcurl-devel, libcurl, curl, libcurl

...

SUSE: Security Advisory (SUSE-SU-2020:2446-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2445-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Virtuozzo 7 : curl / libcurl / libcurl-devel (VZLSA-2020-5002)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5002 advisory. - curl: Incorrect argument check can allow remote servers to overwrite local files CVE-2020-8177 Note that Nessus has not tested for this issue but h...

curl, libcurl security update

CentOS Errata and Security Advisory CESA-2020:5002 An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Oracle Linux 7 : curl (ELSA-2020-3916)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3916 advisory. - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - CVE-2016-8615 cookie injection for...

CentOS 7 : curl (RHSA-2020:1020)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1020 advisory. - A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. CVE-2019-5436 Note tha...

curl, libcurl security update

CentOS Errata and Security Advisory CESA-2020:1020 An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Oracle Linux 6 : curl (ELSA-2020-5561)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5561 advisory. 7.19.7-54.0.2 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug:30568724 462 Tenable has extracted...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-2252)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Virtuozzo 7 : curl / libcurl / libcurl-devel (VZLSA-2017-3263)

An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

0d1n - Tool For Automating Customized Attacks Against Web Applications

Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. You can do: brute force passwords in auth forms directory disclosure use PATH list to brute, and find HTTP status code test list on input to find SQL Injection and XSS vulnerabilities To run: require libcurl-dev or...

Fedora 22 : curl-7.40.0-5.fc22 (2015-10155)

implement public key pinning for NSS backend 1195771 - fix lingering HTTP credentials in connection re-use CVE-2015-3236 - prevent SMB from sending off unrelated memory contents CVE-2015-3237 - curl-config --libs now works on x8664 without libcurl-devel.x8664 1228363 Note that Tenable Network...

openSUSE Security Update : curl (curl-1232)

curl did not detect embedded null characters in certificate names. By using specially crafted certificates attackers could exploit that to conduct man in the middle attacks CVE-2009-2417. Note the previous update that was supposed to fix the issue accidentally lacked the actual fix which was...