Hiroki Kurosawa discovered that curl incorrectly handled HSTS support
when certain hostnames included IDN characters. A remote attacker could
possibly use this issue to cause curl to use unencrypted connections. This
issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-43551)
It was discovered that curl incorrectly handled denials when using HTTP
proxies. A remote attacker could use this issue to cause curl to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-43552)
More Stories
git-2.45.1-1.fc39
FEDORA-2024-4c06645f07 Packages in this update: git-2.45.1-1.fc39 Update description: update to 2.45.1 Read More
git-2.45.1-1.fc40
FEDORA-2024-ecba8476e2 Packages in this update: git-2.45.1-1.fc40 Update description: update to 2.45.1 Read More
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla Products, the most severe of which could allow for arbitrary code execution. Mozilla...
Multiple Vulnerabilities in Siemens Ruggedcom Crossbow Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Siemens Ruggedcom Crossbow, the most severe of which could allow for arbitrary code execution....
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe...
SEC Consult SA-20240513-0 :: Tolerating Self-Signed Certificates in SAP® Cloud Connector
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 14 SEC Consult Vulnerability Lab Security Advisory < 20240513-0 >...