VYPR

rpm package

suse/curl&distro=SUSE OpenStack Cloud 8

pkg:rpm/suse/curl&distro=SUSE%20OpenStack%20Cloud%208

Vulnerabilities (4)

  • CVE-2022-27782HigJun 2, 2022
    affected < 7.37.0-37.76.1fixed 7.37.0-37.76.1

    libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, s

  • CVE-2022-27781HigJun 2, 2022
    affected < 7.37.0-37.76.1fixed 7.37.0-37.76.1

    libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve

  • CVE-2020-8177HigDec 14, 2020
    affected < 7.37.0-37.47.1fixed 7.37.0-37.47.1

    curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

  • CVE-2019-5482CriSep 16, 2019
    affected < 7.37.0-37.43.1fixed 7.37.0-37.43.1

    Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.