Download
| Alert*
|
oval:org.secpod.oval:def:89045139
This update for curl fixes the following security issues: - CVE-2016-8624: invalid URL parsing with "#" - CVE-2016-8623: Use-after-free via shared cookies - CVE-2016-8621: curl_getdate read out of bounds - CVE-2016-8619: double-free in krb5 code - CVE-2016-8618: double-free in curl_maprintf - C ... oval:org.secpod.oval:def:703341 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:38514 The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors related to curl. Successful exploitation could allow attackers to leak sensitive u ... oval:org.secpod.oval:def:204630 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescap ... oval:org.secpod.oval:def:111314 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:111375 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:1501978 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:37885 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:502087 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescap ... oval:org.secpod.oval:def:1600454 After testing original CVE-2016-5420 patch, it was discovered that libcurl built on top of NSS still incorrectly re-uses client certificates if a certificate from file is used for one TLS connection but no certificate is set for a subsequent TLS connection. oval:org.secpod.oval:def:1800350 The four libcurl functions curl_escape, curl_easy_escape, curl_unescape and curl_easy_unescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. Affected versions: libcurl 7.11.1 to and including 7.50.2 Not affected versions: li ... oval:org.secpod.oval:def:51515 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:505099 The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. The following packages have been upgraded to a later upstream version: httpd24-httpd , httpd ... oval:org.secpod.oval:def:38489 The host is missing a critical security update according to Apple advisory, APPLE-SA-2016-12-13-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute a ... |
