Page 14 of 96 results (0.009 seconds)

CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0

The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read. La función ourWriteOut en tool_writeout.c en curl 7.53.1 podría permitir que los atacantes físicamente próximos obtengan información sensible de la memoria del proceso en circunstancias oportunistas leyendo una pantalla de la estación de trabajo durante el uso de un argumento --write-out que termina en un carácter '%', lo que conduce a desbordamiento de búfer basado en memoria dinámica. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://access.redhat.com/errata/RHSA-2018:3558 https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13 https://security.gentoo.org/glsa/201709-14 https://access.redhat.com/security/cve/CVE-2017-7407 https://bugzilla.redhat.com/show_bug.cgi?id=1439190 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none or if the server doesn't support the TLS extension in question. This could lead to users not detecting when a server's certificate goes invalid or otherwise be mislead that the server is in a better shape than it is in reality. This flaw also exists in the command line tool (--cert-status). curl en versiones anteriores a la 7.53.0 tiene una característica de extensión TLS Certificate Status Request que solicita una nueva prueba de la validez del certificado del servidor en el código que comprueba el éxito o el fracaso de una prueba. Acaba siempre pensando que hay pruebas válidas, incluso cuando no hay ninguna o si el servidor no soporta la extensión TLS en cuestión. • http://www.securityfocus.com/bid/96382 http://www.securitytracker.com/id/1037871 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2629 https://curl.haxx.se/docs/adv_20170222.html https://security.gentoo.org/glsa/201703-04 https://www.tenable.com/security/tns-2017-09 • CWE-295: Improper Certificate Validation •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host. curl en versiones anteriores a la 7.51.0 emplea el estándar IDNA 2003 obsoleto para gestionar nombres de dominio internacionales, lo que podría hacer que los usuarios envíen peticiones de transferencia de red al host erróneo sin darse cuenta. • http://www.securityfocus.com/bid/94107 http://www.securitytracker.com/id/1037192 https://access.redhat.com/errata/RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:3558 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8625 https://curl.haxx.se/CVE-2016-8625.patch https://curl.haxx.se/docs/adv_20161102K.html https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c0277 • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0

curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable. curl, en versiones anteriores a la 7.52.1, es vulnerable a un valor aleatorio no inicializado en la función interna de libcurl que devuelve un valor aleatorio bueno de 32 bits. Tener un valor aleatorio débil o virtualmente inexistente hace que las operaciones que lo usan sean vulnerables. • http://www.securityfocus.com/bid/95094 http://www.securitytracker.com/id/1037528 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594 https://curl.haxx.se/docs/adv_20161223.html https://security.gentoo.org/glsa/201701-47 https://www.tenable.com/security/tns-2017-04 • CWE-665: Improper Initialization •

CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0

curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. curl, en versiones anteriores a la 7.52.0, es vulnerable a un desbordamiento de búfer cuando se realiza un envío de un gran puntero flotante en la implementación de libcurl de la función printf(). Si hay aplicaciones que acepten una cadena de formato externa sin necesitar un filtrado de entrada, podría permitir ataques remotos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/95019 http://www.securitytracker.com/id/1037515 https://access.redhat.com/errata/RHSA-2018:3558 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586 https://curl.haxx.se/docs/adv_20161221A.html https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •