Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.34 views

Debian DLA-2664-1 : curl security update

Viktor Szakats reported that libcurl, an URL transfer library, does not strip off user credentials from the URL when automatically populating the Referer HTTP request header field in outgoing HTTP requests. Sensitive authentication data may leak to the server that is the target of the second HTTP...

5.3CVSS6.5AI score0.05301EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2019/02/05 12:0 a.m.74 views

Debian: Security Advisory (DSA-4386-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.12771EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.31 views

Debian DSA-4331-1 : curl - security update

Two vulnerabilities were discovered in cURL, an URL transfer library. - CVE-2018-16839 Harry Sintonen discovered that, on systems with a 32 bit sizet, an integer overflow would be triggered when a SASL user name longer than 2GB is used. This would in turn cause a very small buffer to be allocated...

9.8CVSS7.2AI score0.05782EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2018/01/25 12:0 a.m.45 views

Debian: Security Advisory (DSA-4098-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.08031EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/11/30 12:0 a.m.47 views

Debian DSA-4051-1 : curl - security update

Two vulnerabilities were discovered in cURL, an URL transfer library. - CVE-2017-8816 Alex Nichols discovered a buffer overrun flaw in the NTLM authentication code which can be triggered on 32bit systems where an integer overflow might occur when calculating the size of a memory allocation. -...

9.8CVSS7.4AI score0.11175EPSS
Exploits0References8
OSV
OSV
added 2016/11/03 12:0 a.m.43 views

DSA-3705-1 curl - security update

Bulletin has no description...

9.8CVSS7.9AI score0.05915EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/01/27 12:0 a.m.25 views

Debian Security Advisory DSA 3455-1 (curl - security update)

Isaac Boukris discovered that cURL, an URL transfer library, reused NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for the new transfer. This could lead to HTTP requests being sent over the connection...

5CVSS5.9AI score0.09327EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/04/29 12:0 a.m.24 views

Debian Security Advisory DSA 3240-1 (curl - security update)

It was discovered that cURL, an URL transfer library, if configured to use a proxy server with the HTTPS protocol, by default could send to the proxy the same HTTP headers it sends to the destination server, possibly leaking sensitive information. OpenVAS Vulnerability Test $Id: deb3240.nasl 6609...

5CVSS6.7AI score0.07538EPSS
Exploits0References1
OSV
OSV
added 2015/01/14 12:0 a.m.43 views

DLA-134-1 curl - security update

Bulletin has no description...

4.3CVSS8.8AI score0.0681EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/01/09 12:0 a.m.42 views

Debian DSA-3122-1 : curl - security update

Andrey Labunets of Facebook discovered that cURL, an URL transfer library, fails to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to do additional requests in...

4.3CVSS7.5AI score0.0681EPSS
Exploits0References3
Debian
Debian
added 2015/01/08 7:35 p.m.30 views

[SECURITY] [DSA 3122-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3122-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 08, 2015 http://www.debian.org/security/faq -...

4.3CVSS1.3AI score0.0681EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/01/07 12:0 a.m.24 views

Debian: Security Advisory (DSA-3122-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS9.7AI score0.0681EPSS
Exploits0References3
securityvulns
securityvulns
added 2014/09/15 12:0 a.m.142 views

[SECURITY] [DSA 3022-1] curl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3022-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 10, 2014 http://www.debian.org/security/faq -...

5CVSS1.8AI score0.07432EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/09/09 12:0 a.m.34 views

Debian: Security Advisory (DSA-3022-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.7AI score0.07432EPSS
Exploits0References3
Debian
Debian
added 2014/04/13 8:26 a.m.31 views

[SECURITY] [DSA 2902-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2902-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 13, 2014 http://www.debian.org/security/faq -...

6.4CVSS6.3AI score0.0508EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/04/13 12:0 a.m.42 views

Debian Security Advisory DSA 2902-1 (curl - security update)

Two vulnerabilities have been discovered in cURL, an URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-0138 Steve Holme discovered that libcurl can in some circumstances re-use the wrong connection when asked to do transfers using...

6.4CVSS0.1AI score0.0508EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2014/04/12 12:0 a.m.26 views

Debian: Security Advisory (DSA-2902-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS7.7AI score0.0508EPSS
Exploits0References3
OSV
OSV
added 2013/04/20 12:0 a.m.33 views

DSA-2660-1 curl - cookie leak vulnerability

Bulletin has no description...

5CVSS8.6AI score0.04986EPSS
Exploits1
OpenVAS
OpenVAS
added 2012/04/30 12:0 a.m.29 views

Debian: Security Advisory (DSA-2398-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.73327EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2012/02/12 12:0 a.m.28 views

Debian Security Advisory DSA 2398-1 (curl)

The remote host is missing an update to curl announced via advisory DSA 2398-1. OpenVAS Vulnerability Test $Id: deb23981.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2398-1 curl Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

7.5CVSS7.8AI score0.73327EPSS
Exploits4
Rows per page
Query Builder