20 matches found
Juniper Junos OS Multiple Vulnerabilities (JSA79108)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA79108 advisory. - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that ...
EulerOS Virtualization 2.10.1 : curl (EulerOS-SA-2024-1355)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-3326)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 prox...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-3294)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 prox...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-1079)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 prox...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3267)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : curl (2023-0f8d1871d8)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0f8d1871d8 advisory. - fix cookie injection with none file CVE-2023-38546 - fix SOCKS5 heap buffer overflow CVE-2023-38545 Tenable has extracted the preceding descriptio...
Fedora 37 : curl (2023-fef2b8da32)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-fef2b8da32 advisory. - fix cookie injection with none file CVE-2023-38546 - fix SOCKS5 heap buffer overflow CVE-2023-38545 Tenable has extracted the preceding descriptio...
Rocky Linux 9 : curl (RLSA-2023:5763)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5763 advisory. - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to...
curl security update
7.76.1-23.el92.4 - curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 - curl: cookie injection with none file CVE-2023-38546...
Ubuntu 23.10 : curl vulnerabilities (USN-6429-3)
The remote Ubuntu 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6429-3 advisory. USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Tenable has extracted the preceding description...
Oracle Linux 9 : curl (ELSA-2023-5763)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5763 advisory. - curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 Tenable has extracted the preceding description block directly from t...
ALSA-2023:5763 Important: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file...
Important: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file...
Important: Red Hat Security Advisory: curl security update
An update for curl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
SUSE SLES12 Security Update : curl (SUSE-SU-2023:4043-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4043-1 advisory. - CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. bsc1215888 - CVE-2023-38546: Fixed a cookie injection with none file...
SUSE SLED15: curl / libcurl-devel / libcurl-devel-32bit / libcurl4 / etc (SUSE-SU-2023:4044-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4044-1 advisory. - CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. bsc1215888 - CVE-2023-38546: Fixed a...
Fedora 38 : curl (2023-b855de5c0f)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b855de5c0f advisory. - fix cookie injection with none file CVE-2023-38546 - fix SOCKS5 heap buffer overflow CVE-2023-38545 Tenable has extracted the preceding descriptio...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2023-284-01)
The version of curl installed on the remote host is prior to 8.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-284-01 advisory. - CVE-2023-38545 is a heap-based buffer overflow vulnerability in the SOCKS5 proxy handshake in libcurl and curl. When curl is...
Debian DSA-5523-1 : curl - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5523 advisory. - CVE-2023-38545 is a heap-based buffer overflow vulnerability in the SOCKS5 proxy handshake in libcurl and curl. When curl is given a hostname to pass along...