Download
| Alert*
oval:org.secpod.oval:def:96924
The host is missing a patch containing a security fixes, which affects the following package(s): oss.lib.libcurl oval:org.secpod.oval:def:95718 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues in various components. Successful exploitation allow attackers to execute arbitrary, cause denial ... oval:org.secpod.oval:def:10000006 The host is installed with Teamviewer before 15.46.8 and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which fails to handle an issue in the SOCKS5 protocol. Successful exploitation could allow attackers to make curl overflow a heap based buffer in the SOCKS ... oval:org.secpod.oval:def:94001 An update for curl is now available for Red Hat Enterprise Linux 9. oval:org.secpod.oval:def:96294 The host is installed with Curl 7.69.0 before 8.4.0 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle an issue in the SOCKS5 protocol. Successful exploitation could allow attackers to make curl overflow a heap based buffer in the ... oval:org.secpod.oval:def:126316 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:1507155 [7.76.1-26.el9_3.2] - fix cookie injection with none file [7.76.1-26.el9_3.1] - socks: return error if hostname too long for remote resolve oval:org.secpod.oval:def:126411 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:612726 Two security issues were found in Curl, an easy-to-use client-side URL transfer library and command line tool: CVE-2023-38545 Jay Satiro discovered a buffer overflow in the SOCKS5 proxy handshake. CVE-2023-38546 It was discovered that under some circumstances libcurl was susceptible to cookie inject ... oval:org.secpod.oval:def:89050947 This update for curl fixes the following issues: * CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. * CVE-2023-38546: Fixed a cookie injection with none file oval:org.secpod.oval:def:89050946 This update for curl fixes the following issues: * CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. * CVE-2023-38546: Fixed a cookie injection with none file oval:org.secpod.oval:def:2600346 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:93769 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:2600404 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:93707 A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Cur ... oval:org.secpod.oval:def:93726 curl: SOCKS5 heap buffer overflow. oval:org.secpod.oval:def:96951 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues in various components. Successful exploitation allow attackers to execute arbitrary code, or disc ... oval:org.secpod.oval:def:1507086 [7.76.1-23.el9_2.4] - curl: a heap-based buffer overflow in the SOCKS5 proxy handshake - curl: cookie injection with none file oval:org.secpod.oval:def:2108296 Oracle Solaris 11 - ( CVE-2023-38545 ) oval:org.secpod.oval:def:19500434 An issue was found in curl that can cause a buffer overflow in its SOCKS5 proxy communications code.When curl is using a SOCKS5 proxy and it needs to resolve a hostname to an IP address, its default behavior is to pass the hostname to the proxy and allow it to perform the resolution. In cases where ... oval:org.secpod.oval:def:96974 The host is installed with Apple Mac OS 12 before 12.7.3, Apple Mac OS 13 before 13.6.4, Apple Mac OS 14 before 14.2, or Curl 7.69.0 before 8.4.0 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to properly handle multiple issues in curl. On suc ... oval:org.secpod.oval:def:96952 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues in various components. Successful exploitation allow attackers to execute arbitrary code, or disc ... oval:org.secpod.oval:def:3302086 Security update for curl oval:org.secpod.oval:def:95231 Two security issues were found in Curl, an easy-to-use client-side URL transfer library and command line tool: CVE-2023-38545 Jay Satiro discovered a buffer overflow in the SOCKS5 proxy handshake. CVE-2023-38546 It was discovered that under some circumstances libcurl was susceptible to cookie inject ... oval:org.secpod.oval:def:1701835 An issue was found in curl that can cause a buffer overflow in its SOCKS5 proxy communications code.When curl is using a SOCKS5 proxy and it needs to resolve a hostname to an IP address, its default behavior is to pass the hostname to the proxy and allow it to perform the resolution. In cases where ... oval:org.secpod.oval:def:95151 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: a heap-based buffer overflow in the SOCKS5 proxy handshake (CVE-2023-38545) * curl: cookie injection with none file ... oval:org.secpod.oval:def:94494 The host is missing a critical security update for KB5032192 oval:org.secpod.oval:def:94491 The host is missing a critical security update for KB5032189 oval:org.secpod.oval:def:94492 The host is missing a critical security update for KB5032190 oval:org.secpod.oval:def:94497 The host is missing a critical security update for KB5032198 oval:org.secpod.oval:def:94495 The host is missing a critical security update for KB5032196 oval:org.secpod.oval:def:93866 The host is installed with Oracle MySQL Server through 5.7.43, 8.0.34, or 8.1.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Compiling (curl). Successful exploitation allows attackers to affect Confidentiality, I ... oval:org.secpod.oval:def:93775 The host is installed with Windows 10 and 11 having Curl 7.69.0 before 8.4.0, Teamviewer before 15.46.8, Oracle MySQL Server through 5.7.43, 8.0.34, 8.1.0, or Oracle Database Server 19c, or 21c and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which fails to ... |