3 matches found
CVE-2025-14524 affecting package cmake for versions less than 3.30.3-12
CVE-2025-14524 affecting package cmake for versions less than 3.30.3-12. A patched version of the package is available...
AZL-67290 CVE-2025-10148 affecting package cmake for versions less than 3.30.3-10
curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traffic between the two...
AZL-37087 CVE-2024-2004 affecting package cmake for versions less than 3.30.3-2
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...