Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-07-07 | CVE-2022-32205 | A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are... | Macos, Debian_linux, Fedora, Curl, Clustered_data_ontap, Element_software, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Solidfire, Scalance_sc622\-2c_firmware, Scalance_sc626\-2c_firmware, Scalance_sc632\-2c_firmware, Scalance_sc636\-2c_firmware, Scalance_sc642\-2c_firmware, Scalance_sc646\-2c_firmware, Universal_forwarder | 4.3 | ||
2022-07-07 | CVE-2022-32206 | curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand... | Debian_linux, Fedora, Curl, Bootstrap_os, Clustered_data_ontap, Element_software, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Solidfire, Scalance_sc622\-2c_firmware, Scalance_sc626\-2c_firmware, Scalance_sc632\-2c_firmware, Scalance_sc636\-2c_firmware, Scalance_sc642\-2c_firmware, Scalance_sc646\-2c_firmware, Universal_forwarder | 6.5 | ||
2022-07-07 | CVE-2022-32207 | When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. | Macos, Debian_linux, Fedora, Curl, Bootstrap_os, Clustered_data_ontap, Element_software, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Solidfire, Universal_forwarder | 9.8 | ||
2022-07-07 | CVE-2022-32208 | When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. | Macos, Debian_linux, Fedora, Curl, Bootstrap_os, Clustered_data_ontap, Element_software, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Solidfire, Universal_forwarder | 5.9 | ||
2022-08-23 | CVE-2021-31566 | An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system. | Debian_linux, Fedora, Libarchive, Codeready_linux_builder, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Universal_forwarder | 7.8 | ||
2022-09-23 | CVE-2022-35252 | When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings. | Macos, Debian_linux, Curl, Bootstrap_os, Clustered_data_ontap, Element_software, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Solidfire, Universal_forwarder | 3.7 | ||
2022-11-22 | CVE-2022-36227 | In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution." | Debian_linux, Fedora, Libarchive, Universal_forwarder | 9.8 | ||
2022-12-05 | CVE-2022-32221 | When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle... | Macos, Debian_linux, Curl, Clustered_data_ontap, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Universal_forwarder | 9.8 | ||
2023-02-23 | CVE-2023-23916 | An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The... | Debian_linux, Fedora, Curl, Clustered_data_ontap, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Universal_forwarder | 6.5 | ||
2023-03-30 | CVE-2023-27535 | An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too... | Debian_linux, Fedora, Libcurl, Active_iq_unified_manager, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_9, Universal_forwarder | 5.9 |