Download
| Alert*
oval:org.secpod.oval:def:507042
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: OAUTH2 bearer bypass in connection re-use * curl: credential leak on redirect * curl: auth/cookie leak on redirect * ... oval:org.secpod.oval:def:88462 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:122190 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:88480 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:706460 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:4500995 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: OAUTH2 bearer bypass in connection re-use * curl: credential leak on redirect * curl: auth/cookie leak on redirect * ... oval:org.secpod.oval:def:89046319 This update for curl fixes the following issues: - CVE-2022-27781: Fixed CERTINFO never-ending busy-loop - CVE-2022-27782: Fixed TLS and SSH connection too eager reuse oval:org.secpod.oval:def:122356 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:89046335 This update for curl fixes the following issues: - CVE-2022-27781: Fixed CERTINFO never-ending busy-loop - CVE-2022-27782: Fixed TLS and SSH connection too eager reuse oval:org.secpod.oval:def:89046354 This update for curl fixes the following issues: - CVE-2022-27781: Fixed CERTINFO never-ending busy-loop - CVE-2022-27782: Fixed TLS and SSH connection too eager reuse oval:org.secpod.oval:def:122175 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:1505877 [7.76.1-14.el9_0.4] - fix too eager reuse of TLS and SSH connections [7.76.1-14.el9_0.3] - fix leak of SRP credentials in redirects [7.76.1-14.el9_0.2] - add missing tests to Makefile [7.76.1-14.el9_0.1] - fix credential leak on redirect - fix auth/cookie leak on redirect - fix OAUTH2 bearer byp ... oval:org.secpod.oval:def:2500770 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:507030 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: OAUTH2 bearer bypass in connection re-use * curl: credential leak on redirect * curl: auth/cookie leak on redirect * ... oval:org.secpod.oval:def:2107723 Oracle Solaris 11 - ( CVE-2022-27779 ) oval:org.secpod.oval:def:97650 [CLSA-2022:1656961923] Fixed CVE-2022-27782 in curl oval:org.secpod.oval:def:80325 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:1505841 [7.61.1-22.el8_6.3] - fix too eager reuse of TLS and SSH connections [7.61.1-22.el8_6.2] - fix invalid type in printf argument detected by Coverity [7.61.1-22.el8_6.1] - fix credential leak on redirect - fix auth/cookie leak on redirect - fix OAUTH2 bearer bypass in connection re-use oval:org.secpod.oval:def:89047459 This update for curl fixes the following issues: - CVE-2022-27781: Fixed CERTINFO never-ending busy-loop - CVE-2022-27782: Fixed TLS and SSH connection too eager reuse oval:org.secpod.oval:def:1700942 A vulnerability was found in curl. This issue occurs because curl can reuse a previously created connection even when a TLS or SSH-related option is changed that should have prohibited reuse. This flaw leads to an authentication bypass, either by mistake or by a malicious actor oval:org.secpod.oval:def:1601594 A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious act ... oval:org.secpod.oval:def:19500155 A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious act ... oval:org.secpod.oval:def:88385 Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack. oval:org.secpod.oval:def:90727 The host is missing a patch containing a security fixes, which affects the following package(s): oss.lib.libcurl oval:org.secpod.oval:def:609036 Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack. oval:org.secpod.oval:def:89046887 This update for curl fixes the following issues: - CVE-2022-27781: Fixed an issue where curl will get stuck in an infinite loop when trying to retrieve details about a TLS server"s certificate chain . - CVE-2022-27782: Fixed an issue where TLS and SSH connections would be reused even when a related ... oval:org.secpod.oval:def:89046882 This update for curl fixes the following issues: - CVE-2022-27781: Fixed an issue where curl will get stuck in an infinite loop when trying to retrieve details about a TLS server"s certificate chain . - CVE-2022-27782: Fixed an issue where TLS and SSH connections would be reused even when a related ... |