Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.245 views

EulerOS Virtualization 3.0.1.0 : curl (EulerOS-SA-2019-1549)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldapgetattributeber function. A...

9.8CVSS7.7AI score0.15063EPSS
Exploits2References21
Tenable Nessus
Tenable Nessus
added 2019/02/19 12:0 a.m.56 views

Amazon Linux 2 : curl (ALAS-2019-1162)

libcurl is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM serv...

9.8CVSS8AI score0.12771EPSS
Exploits3References13
OSV
OSV
added 2018/01/03 4:40 p.m.10 views

MGASA-2018-0054 Updated curl packages fix security vulnerability

libcurl contains a buffer overrun flaw in the NTLM authentication code CVE-2017-8816. libcurl contains a read out of bounds flaw in the FTP wildcard function CVE-2017-8817. libcurl may read outside of a heap allocated buffer when doing FTP CVE-2017-1000254. libcurl contains a buffer overrun flaw ...

9.8CVSS8.6AI score0.11175EPSS
Exploits0References6
CNVD
CNVD
added 2017/11/30 12:0 a.m.3 views

Haxx curl and libcurl denial of service vulnerabilities

Haxx curl and libcurl are both products of the Swedish company Haxx. curl is a set of file transfer tools that utilize URL syntax to work at the command line. libcurl is a free, open source client-side URL transfer library. A denial of service vulnerability exists in the FTP wildcard function in...

9.8CVSS6.9AI score0.11175EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/29 6:0 p.m.21 views

CVE-2017-8817

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibly have unspecified other impact via a string that ends with an '' character...

7.5AI score0.11175EPSS
Exploits0References8
CVE
CVE
added 2017/11/29 6:0 p.m.281 views

CVE-2017-8817

The CVE-2017-8817 issue is a read-out-of-bounds in libcurl’s FTP wildcard function that occurs when a path ends with an opening bracket [, affecting curl/libcurl versions earlier than 7.57.0. This can lead to a crash and potential information leakage. Amazon Linux 2 and other advisories (ALAS-201...

9.8CVSS9.7AI score0.11175EPSS
Exploits0References8Affected Software2
Rows per page
Query Builder