rpm package
suse/curl&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-9086 | Hig | 7.5 | < 8.14.1-150400.5.69.1 | 8.14.1-150400.5.69.1 | Sep 12, 2025 | 1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or otherwise made to speak with `http://target` (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path | |
| CVE-2025-10148 | — | < 8.14.1-150400.5.69.1 | 8.14.1-150400.5.69.1 | Sep 12, 2025 | curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traf | ||
| CVE-2024-9681 | — | < 8.0.1-150400.5.56.1 | 8.0.1-150400.5.56.1 | Nov 6, 2024 | When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure `HTTP://` scheme and perform | ||
| CVE-2024-7264 | — | < 8.0.1-150400.5.47.1 | 8.0.1-150400.5.47.1 | Jul 31, 2024 | libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer t | ||
| CVE-2024-2398 | — | < 8.0.1-150400.5.44.1 | 8.0.1-150400.5.44.1 | Mar 27, 2024 | When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated head | ||
| CVE-2024-2004 | — | < 8.0.1-150400.5.44.1 | 8.0.1-150400.5.44.1 | Mar 27, 2024 | When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protoc |
- affected < 8.14.1-150400.5.69.1fixed 8.14.1-150400.5.69.1
1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or otherwise made to speak with `http://target` (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path
- CVE-2025-10148Sep 12, 2025affected < 8.14.1-150400.5.69.1fixed 8.14.1-150400.5.69.1
curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traf
- CVE-2024-9681Nov 6, 2024affected < 8.0.1-150400.5.56.1fixed 8.0.1-150400.5.56.1
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure `HTTP://` scheme and perform
- CVE-2024-7264Jul 31, 2024affected < 8.0.1-150400.5.47.1fixed 8.0.1-150400.5.47.1
libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer t
- CVE-2024-2398Mar 27, 2024affected < 8.0.1-150400.5.44.1fixed 8.0.1-150400.5.44.1
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated head
- CVE-2024-2004Mar 27, 2024affected < 8.0.1-150400.5.44.1fixed 8.0.1-150400.5.44.1
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protoc