Download
| Alert*
oval:org.secpod.oval:def:89002561
This update for curl fixes the following issues: - CVE-2018-16840: A use after free in closing SASL handles was fixed - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes oval:org.secpod.oval:def:89002426 This update for curl fixes the following issues: - CVE-2018-16840: A use-after-free in SASL handle close was fixed - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes oval:org.secpod.oval:def:89003325 This update for curl fixes the following issues: Security issues fixed: - CVE-2019-3822: Fixed a NTLMv2 type-3 header stack buffer overflow . - CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response . - CVE-2018-16890: Fixed an out-of-bounds buffer read in NTLM type2 . - CVE-2018-168 ... oval:org.secpod.oval:def:2103386 Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. oval:org.secpod.oval:def:1600974 A heap use-after-free flaw was found in curl related to closing an easy handle. When closing and cleaning up an #039;easy#039; handle in the `Curl_close` function, the library code first frees a struct and might then subsequently erroneously write to a struct field within that already freed struct. ... oval:org.secpod.oval:def:51024 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:115296 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:89049639 This update for curl fixes the following issues: - CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes - CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c ... oval:org.secpod.oval:def:115380 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:48685 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:1700125 libcurl is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad le ... |