33 matches found
GO-2025-3794 File Browser allows sensitive data to be transferred in URL in github.com/filebrowser/filebrowser
File Browser allows sensitive data to be transferred in URL in github.com/filebrowser/filebrowser...
Fedora: Security Advisory (FEDORA-2023-9de8973300)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 37 Update: curl-7.84.0-3.fc37
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
[SECURITY] Fedora 36 Update: curl-7.82.0-6.fc36
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
[SECURITY] [DLA 2734-1] curl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2734-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk August 09, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2664-1 : curl security update
Viktor Szakats reported that libcurl, an URL transfer library, does not strip off user credentials from the URL when automatically populating the Referer HTTP request header field in outgoing HTTP requests. Sensitive authentication data may leak to the server that is the target of the second HTTP...
[SECURITY] [DLA 2664-1] curl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2664-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 17, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4386-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4386-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini February 06, 2019 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4386-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4331-1 : curl - security update
Two vulnerabilities were discovered in cURL, an URL transfer library. - CVE-2018-16839 Harry Sintonen discovered that, on systems with a 32 bit sizet, an integer overflow would be triggered when a SASL user name longer than 2GB is used. This would in turn cause a very small buffer to be allocated...
Debian: Security Advisory (DSA-4331-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1309-1 : curl security update
Multiple vulnerabilities were found in cURL, an URL transfer library : CVE-2018-1000120 Duy Phan Thanh reported that curl could be fooled into writing a zero byte out of bounds when curl was told to work on an FTP URL, with the setting to only issue a single CWD command. The issue could be...
Debian: Security Advisory (DSA-4098-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4051-1 : curl - security update
Two vulnerabilities were discovered in cURL, an URL transfer library. - CVE-2017-8816 Alex Nichols discovered a buffer overrun flaw in the NTLM authentication code which can be triggered on 32bit systems where an integer overflow might occur when calculating the size of a memory allocation. -...
DSA-3705-1 curl - security update
Bulletin has no description...
Debian Security Advisory DSA 3455-1 (curl - security update)
Isaac Boukris discovered that cURL, an URL transfer library, reused NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for the new transfer. This could lead to HTTP requests being sent over the connection...
Debian Security Advisory DSA 3240-1 (curl - security update)
It was discovered that cURL, an URL transfer library, if configured to use a proxy server with the HTTPS protocol, by default could send to the proxy the same HTTP headers it sends to the destination server, possibly leaking sensitive information. OpenVAS Vulnerability Test $Id: deb3240.nasl 6609...
DLA-134-1 curl - security update
Bulletin has no description...
Debian DSA-3122-1 : curl - security update
Andrey Labunets of Facebook discovered that cURL, an URL transfer library, fails to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to do additional requests in...
[SECURITY] [DSA 3122-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3122-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 08, 2015 http://www.debian.org/security/faq -...