15 matches found
Astra Linux - vulnerability in curl
There is an authentication bypass vulnerability in libcurl version 8.0.0, particularly in the FTP connection reuse feature. This vulnerability can cause incorrect credentials to be used during subsequent transfers. Previously created connections are retained in a connection pool for reuse if they...
Medium: curl
Issue Overview: No QUIC certificate pinning with GnuTLS NOTE: https://curl.se/docs/CVE-2025-13034.html NOTE: Introduced with: https://github.com/curl/curl/commit/3210101088dfa3d6a125d213226b092f2f866722 curl-880 NOTE: Fixed by:...
sb-poc-web
StackBill Deployer Web-based deployment portal for StackBill...
curl: SSL options ISSUERCERT, EC_CURVES and CRLFILE silently ignored by non-OpenSSL backends
Summary: The SSL options ISSUERCERT, EC_CURVES and CRLFILE are silently ignored for e.g. the mbedTLS backend, which allows MITM attacks for the ISSUERCERT and CRLFILE bug, and can reduce the security and compliance by ignoring the specified curve for the EC_CURVES bug. Affected version Tested with...
CVE-2024-56521
An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely...
UBUNTU-CVE-2024-56521
An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely...
Updated stunnel packages fix security vulnerability
Update to 5.62 including new features and bugfixes: Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests bsc1182529. - Fixed a double free with OpenSSL older than 1.1.0. - Added hardening to systemd service bsc1181400. New features - Added new...
Security update for obs-service-tar_scm (important)
openSUSE Security Update: Security update for obs-service-tar_scm Announcement ID: openSUSE-SU-2019:0329-1 Rating: important References: 1076410 1082696 1105361 1107507 1107944 Cross-References: CVE-2018-12473 CVE-2018-12474 CVE-2018-12476 Affected Products: openSUSE Backports SLE-15 An update tha...
openSUSE: Security Advisory for obs-service-tar_scm (openSUSE-SU-2019:0326-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 22 : php-pecl-http-2.5.6-1.fc22 (2016-bb7bdd7063)
Version 2.5.6 Fix php-bug php71719: Buffer overflow in HTTP url parsing functions Mike, rc0r Fix gh-issue 28: Possible NULL pointer dereference in phphttpurlmod rc0r Fix gh-issue 22: Fix PHP5 config.w32 Jan Ehrhardt - Fix gh-issue 20: setSslOptions notice with curl 7.43 Mike, Vitaliy Demidov Note...
Security update for haproxy (important)
haproxy was updated to fix two security issues. These security issues were fixed: - CVE-2015-3281: The buffer_slow_realign function in HAProxy did not properly realign a buffer that is used for pending outgoing data, which allowed remote attackers to obtain sensitive information uninitialized memor...
SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2015:1788-1) (BACKRONYM)
MySQL was updated to version 5.5.45, fixing bugs and security issues. A list of all changes can be found on : - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-45.html - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html To fix the 'BACKRONYM' security issue CVE-2015-3152 the...
openSUSE Security Update : getmail (openSUSE-SU-2014:1315-1)
getmail 4.46.0 bnc900217 This release fixes several similar vulnerabilities that could allow a man-in-the-middle attacker to read encrypted traffic due to lack of certificate verification against the hostname. - fix --idle checking Python version incorrectly, resulting in incorrect warning about...
[SECURITY] Fedora 19 Update: not-yet-commons-ssl-0.3.15-2.fc19
Commons-SSL lets you control the SSL options you need in a natural way for each SSLSocketFactory, and those options won't bleed into the rest of your system...
Mandriva Update for pidgin MDVA-2010:164 (pidgin)
Check for the Version of pidgin OpenVAS Vulnerability Test Mandriva Update for pidgin MDVA-2010:164 pidgin Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...