Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2021-22922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XM...

6.5CVSS6AI score0.04313EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.34 views

Rocky Linux 8 : curl (RLSA-2021:3582)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3582 advisory. - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The...

6.5CVSS6.3AI score0.0627EPSS
Exploits3References7
F5 Networks
F5 Networks
added 2023/02/21 7:53 p.m.30 views

K54308152: cURL vulnerability CVE-2021-22923

Security Advisory Description When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download...

5.3CVSS6.6AI score0.01843EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.12 views

SUSE CVE-2021-22923

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...

5.3CVSS7.1AI score0.01843EPSS
Exploits1References85
OSV
OSV
added 2022/01/28 11:3 a.m.2 views

OESA-2022-1506 curl security update

Curl is used in command lines or scripts to transfer data. Security Fixes: When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from...

6.5CVSS7.2AI score0.04313EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.45 views

EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2021-2769)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the...

7.5CVSS6.3AI score0.0982EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.58 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-2751)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the...

7.5CVSS6.3AI score0.0982EPSS
Exploits5References6
OpenVAS
OpenVAS
added 2021/11/12 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2707)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.0982EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.249 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-2682)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.T...

7.5CVSS6.3AI score0.0982EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2021/09/22 12:0 a.m.47 views

Oracle Linux 8 : curl (ELSA-2021-3582)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3582 advisory. - fix bad connection reuse due to flawed path name checks CVE-2021-22924 Tenable has extracted the preceding description block directly from the Oracle...

6.5CVSS6.4AI score0.0627EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/09/16 12:0 a.m.47 views

Amazon Linux 2 : curl, --advisory ALAS2-2021-1700 (ALAS-2021-1700)

The version of curl installed on the remote host is prior to 7.76.1-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1700 advisory. A flaw was found in curl in the way curl handles a file hash mismatch after downloading content using the Metalink feature...

6.5CVSS6.6AI score0.0627EPSS
Exploits4References10
Amazon
Amazon
added 2021/09/15 12:0 a.m.49 views

Medium: curl

Issue Overview: A flaw was found in curl in the way curl handles a file hash mismatch after downloading content using the Metalink feature. This flaw allows malicious actors controlling a hosting server to trick users into downloading malicious content. The highest threat from this vulnerability ...

6.5CVSS6.8AI score0.0627EPSS
Exploits5
NVD
NVD
added 2021/08/05 9:15 p.m.21 views

CVE-2021-22922

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and...

6.5CVSS0.04313EPSS
Exploits1References10
OSV
OSV
added 2021/08/05 9:15 p.m.14 views

ALPINE-CVE-2021-22923

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...

5.3CVSS7AI score0.01843EPSS
Exploits1References1
OSV
OSV
added 2021/08/05 9:15 p.m.34 views

CVE-2021-22923

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...

5.3CVSS2.7AI score0.01843EPSS
Exploits1References6
OSV
OSV
added 2021/08/05 9:15 p.m.8 views

DEBIAN-CVE-2021-22923

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...

5.3CVSS6.4AI score0.01843EPSS
Exploits1References1
Prion
Prion
added 2021/08/05 9:15 p.m.26 views

Default credentials

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...

2.6CVSS6.2AI score0.01843EPSS
Exploits1References6Affected Software4
Debian CVE
Debian CVE
added 2021/08/05 12:0 a.m.48 views

CVE-2021-22922

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and...

6.5CVSS6.6AI score0.04313EPSS
Exploits1
Debian CVE
Debian CVE
added 2021/08/05 12:0 a.m.50 views

CVE-2021-22923

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...

5.3CVSS6.9AI score0.01843EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/07/24 12:0 a.m.70 views

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2021:2462-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2462-1 advisory. - CVE-2021-22925: TELNET stack contents disclosure again. bsc1188220 - CVE-2021-22924: Bad connection reuse due to flawed...

6.5CVSS6.6AI score0.0627EPSS
Exploits4References13
Rows per page
Query Builder