Gentoo Linux Security Advisory 202212-1 - Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Versions less than 7.86.0 are affected.
e297fe6f1bca3eb09660ab5922cdfac1c9a3279734e9e89e74cc758a3e08ac46Debian Linux Security Advisory 5197-1 - Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack.
77ef9f5619851e18009af5092abdfe753f0a668e45b9771f079b64a5b7aa8ecaRed Hat Security Advisory 2022-1354-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
ebde07dce286b9dea0985f0dc954ffea909c665c9cd6016197d8bcb497e1f4f9Apple Security Advisory 2022-03-14-4 - macOS Monterey 12.3 addresses buffer overflow, bypass, code execution, denial of service, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
b1fc63b333f7de2af86c93eb24f76f251c983c5e8e7dd47bf132df37097eff6aRed Hat Security Advisory 2022-0635-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
0a6c062a860328bd9875093d92806fb960d67ecd0fe400873baa1276bb029a2dRed Hat Security Advisory 2021-5191-02 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with Container Images, for Red Hat 3scale API Management 2.11.1. Issues addressed include an XML injection vulnerability.
222e9e194871a86f08f51b797c06b520b5e808c822dbc8abe7f4de9d3c85287cRed Hat Security Advisory 2021-5038-04 - Red Hat Advanced Cluster Management for Kubernetes 2.2.10 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console — with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide security fixes, bug fixes and container upgrades. Issues addressed include a bypass vulnerability.
8c3861dc2826e4a0c7c98f1040e5e156c43227dbe0c19621db0bee3cb77b04e4Red Hat Security Advisory 2021-4914-06 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 4.8.3 images: RHEL-8-CNV-4.8.
fd59966d097a080a7ded93322ccdd6a60d15159920ee6f8c093487695abfb467Red Hat Security Advisory 2021-4848-07 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include code execution and denial of service vulnerabilities.
19f369ca91efe5e627e3b6624c087f231da83297e68708c5e0fb2378ecc2b10eRed Hat Security Advisory 2021-4766-01 - Red Hat OpenShift Serverless release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7, 4.8 and 4.9, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section.
0a78d0e1931087baa5332f57d804a1bee7c1d664fecea39758b98fa436ddda6cRed Hat Security Advisory 2021-4628-01 - Openshift Logging Bug Fix Release. Issues addressed include a code execution vulnerability.
ac277430a1b1b05dba76cecef03900e9e3030dda5c7eafc2dd739d28f122ce68Red Hat Security Advisory 2021-4618-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities.
14809d9261f291a519a153713fcca44c926124a2a48c8d989887911783dba47fRed Hat Security Advisory 2021-4059-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
34daf9a24ea61b47c15ef48c2ee9383ee98eca2dd6a85e453275e6f5eab30c3aUbuntu Security Notice 5079-4 - USN-5079-2 fixed vulnerabilities in curl. One of the fixes introduced a regression. This update fixes the problem. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Various other issues were also addressed.
f4f6d97f9e479e48e18c50f65141b5cecaeca83955ce66cc82980e7fcf775b8eUbuntu Security Notice 5079-3 - USN-5079-1 fixed vulnerabilities in curl. One of the fixes introduced a regression on Ubuntu 18.04 LTS. This update fixes the problem. It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Patrick Monnerat discovered that curl incorrectly handled responses received before STARTTLS. A remote attacker could possibly use this issue to inject responses and intercept communications. Various other issues were also addressed.
0ed5cbb6171e4f59bf66a7fec9639c782a0a1b53c8e5cbbf6e468d1dda90bf96Ubuntu Security Notice 5079-2 - USN-5079-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Patrick Monnerat discovered that curl incorrectly handled responses received before STARTTLS. A remote attacker could possibly use this issue to inject responses and intercept communications. Various other issues were also addressed.
60550d5e74772413dfb06a565ea32040a3d6110b2dd1c2e451288a6afe7cc288Ubuntu Security Notice 5079-1 - It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Various other issues were also addressed.
33a734d871c8bed97d25050dd5bf6ab7df0fb69274d554d1083bd6cb8dc39da0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed