23 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-22922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XM...
Rocky Linux 8 : curl (RLSA-2021:3582)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3582 advisory. - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The...
K54308152: cURL vulnerability CVE-2021-22923
Security Advisory Description When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download...
SUSE CVE-2021-22923
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...
OESA-2022-1506 curl security update
Curl is used in command lines or scripts to transfer data. Security Fixes: When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from...
EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2021-2769)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the...
EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-2751)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2707)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-2682)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.T...
Oracle Linux 8 : curl (ELSA-2021-3582)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3582 advisory. - fix bad connection reuse due to flawed path name checks CVE-2021-22924 Tenable has extracted the preceding description block directly from the Oracle...
Amazon Linux 2 : curl, --advisory ALAS2-2021-1700 (ALAS-2021-1700)
The version of curl installed on the remote host is prior to 7.76.1-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1700 advisory. A flaw was found in curl in the way curl handles a file hash mismatch after downloading content using the Metalink feature...
Medium: curl
Issue Overview: A flaw was found in curl in the way curl handles a file hash mismatch after downloading content using the Metalink feature. This flaw allows malicious actors controlling a hosting server to trick users into downloading malicious content. The highest threat from this vulnerability ...
CVE-2021-22922
When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and...
ALPINE-CVE-2021-22923
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...
CVE-2021-22923
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...
DEBIAN-CVE-2021-22923
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...
Default credentials
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...
CVE-2021-22922
When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and...
CVE-2021-22923
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2021:2462-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2462-1 advisory. - CVE-2021-22925: TELNET stack contents disclosure again. bsc1188220 - CVE-2021-22924: Bad connection reuse due to flawed...