Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2022/12/27 12:0 a.m.42 views

EulerOS Virtualization 2.10.1 : curl (EulerOS-SA-2022-2890)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate...

9.8CVSS6.6AI score0.3197EPSS
Exploits6References7
Microsoft CVE
Microsoft CVE
added 2022/07/19 7:0 a.m.3 views

When curl < 7.84.0 saves cookies alt-svc and hsts data to local files it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation it might accidentally *widen* the permissions for the target file leaving the updated file accessible to more users than intended.

...

9.8CVSS7.5AI score0.06823EPSS
Exploits1
OSV
OSV
added 2022/07/07 1:15 p.m.10 views

AZL-10103 CVE-2022-32207 affecting package curl for versions less than 7.84.0-1

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

9.8CVSS6.7AI score0.06823EPSS
Exploits1References1
Prion
Prion
added 2022/07/07 1:15 p.m.28 views

Design/Logic Flaw

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

7.5CVSS8.8AI score0.06823EPSS
Exploits1References8Affected Software4
Vulnrichment
Vulnrichment
added 2022/07/07 12:0 a.m.3 views

CVE-2022-32207

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

9.1AI score0.06823EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2022/07/07 12:0 a.m.54 views

CVE-2022-32207

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

9.8CVSS7.4AI score0.06823EPSS
Exploits1
CVE
CVE
added 2022/07/07 12:0 a.m.308 views

CVE-2022-32207

CVE-2022-32207 affects curl: when saving cookies, alt-svc and HSTS data, the final rename can widen target file permissions, exposing updates to more users. Affected versions are curl before 7.84.0; remediation is to upgrade to 7.84.0 or newer (as indicated by multiple advisories).

9.8CVSS8.9AI score0.06823EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/06/28 12:0 a.m.57 views

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2022-179-01)

The version of curl installed on the remote host is prior to 7.84.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-179-01 advisory. - When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the...

9.8CVSS6.9AI score0.3197EPSS
Exploits4References4
Rows per page
Query Builder