16 matches found
Security update for erlang26
This update for erlang26 fixes the following issues Security issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681...
CLSA-2026-1776847322 curl: Fix of 3 CVEs
CVE-2022-27781: add limit of certificates which can be traversed breaking infinite loop in NSS cert verification - CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27534: fix SFTP path '' resolving discrepancy...
SUSE SLES12 Security Update : libssh (SUSE-SU-2026:1344-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1344-1 advisory. - CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler bsc1259377. - CVE-2026-0964: SCP protocol path travers...
SUSE SLES12: curl / libcurl-devel / libcurl4 / libcurl4-32bit / libnghttp2-14 / etc (SUSE-SU-2026:0494-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0494-1 advisory. - CVE-2023-27534: Regression fix for SFTP path resolving discrepancy bsc1219273 Tenable has extracted the preceding description block directly from the...
SUSE-SU-2026:0494-1 Security update for curl
This update for curl fixes the following issues: - CVE-2023-27534: Regression fix for SFTP path resolving discrepancy bsc1219273...
SUSE-SU-2024:2009-1 Security update for curl
This update for curl fixes the following issues: - CVE-2023-27534: Properly resolve when used in a SFTP path. bsc1219273...
Moderate: Red Hat Security Advisory: curl security update
An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
MGASA-2023-0263 Updated curl packages fix security vulnerability
TELNET option IAC injection. CVE-2023-27533 SFTP path resolving discrepancy. CVE-2023-27534 FTP too eager connection reuse. CVE-2023-27535 GSS delegation too eager connection re-use. CVE-2023-27536 HSTS double free. CVE-2023-27537 SSH connection too eager reuse still. CVE-2023-27538 UAF in SSH...
Multiple vulnerabilities cURL libcurl affect AIX
IBM SECURITY ADVISORY First Issued: Thu Jun 29 09:35:59 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/curladvisory2.asc Security Bulletin: Multiple vulnerabilities cURL libcurl affect AIX...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2023-1798)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously...
CLSA-2023-1682348848 curl: Fix of CVE-2023-27534
CVE-2023-27534: fix SFTP path '' resolving discrepancy - fix read off end of array for SCP home directory case...
OESA-2023-1194 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However,...
Fedora 38 : curl (2023-0de03a9232)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0de03a9232 advisory. - fix SSH connection too eager reuse still CVE-2023-27538 - fix HSTS double-free CVE-2023-27537 - fix GSS delegation too eager connection re-use...
SUSE-SU-2023:1582-1 Security update for curl
This update for curl fixes the following issues: - CVE-2023-27533: Fixed TELNET option IAC injection bsc1209209. - CVE-2023-27534: Fixed SFTP path resolving discrepancy bsc1209210. - CVE-2023-27535: Fixed FTP too eager connection reuse bsc1209211. - CVE-2023-27536: Fixed GSS delegation too eager...
SUSE-SU-2023:0865-1 Security update for curl
This update for curl fixes the following issues: - CVE-2023-27533: Fixed TELNET option IAC injection bsc1209209. - CVE-2023-27534: Fixed SFTP path resolving discrepancy bsc1209210. - CVE-2023-27535: Fixed FTP too eager connection reuse bsc1209211. - CVE-2023-27536: Fixed GSS delegation too eager...
PT-2023-2319 · Curl +9 · Curl +9
Name of the Vulnerable Software and Affected Versions: curl versions prior to 8.0.0 Description: A path traversal vulnerability exists in the SFTP implementation of curl, where the tilde character is wrongly replaced when used as a prefix in the first path element. This flaw can be exploited by...