2028 matches found
OESA-2021-1004 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols.\r\n\r\n Security Fixes:\r\n\r\n Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1137)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : curl (EulerOS-SA-2021-1137)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1003)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1022)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-1003)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-1022)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...
Updated curl packages fix security vulnerabilities
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231. A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl...
MGASA-2020-0482 Updated curl packages fix security vulnerabilities
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231. A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl...
Ignored Certificate Revocation List
icinga2 ignores certificate revocation list. Revoked certificates due for renewal does not check against the certificate revocation list, and automatically renews the certificate...
DEBIAN-CVE-2020-29663
Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3...
UBUNTU-CVE-2020-29663
Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3...
CVE-2020-29663
CVE-2020-29663 affects Icinga 2. Versions affected: 2.8.0–2.11.7 and 2.12.2. Root cause: revoked certificates due for renewal are renewed automatically, bypassing the CRL check. Impact: certificate revocation not enforced for renewals (attack surface in TLS trust). Mitigation: upgrade to fixed re...
CVE-2020-29663
Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3...
Unspecified Vulnerability in Mozilla Firefox for Android (CNVD-2021-00394)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Android Firefox that stems from a lack of service initialization and OneCRL being non-functional in the new Android Firefox. This may result in the inability to enfor...
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
...
CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
ALPINE-CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
DEBIAN-CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...