Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled
TELNET connections when the -t option was used on the command line.
Uninitialized data possibly containing sensitive information could be sent
to the remote server, contrary to expectations. This issue was only fixed
in Ubuntu 14.04 ESM. (CVE-2021-22898, CVE-2021-22925)
It was discovered that curl incorrectly handled denials when using HTTP
proxies. A remote attacker could use this issue to cause curl to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-43552)
More Stories
SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288)
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 30 <<< application/pkcs7-signature; name="smime.p7s": Unrecognized >>> Read More
USN-7046-1: Flatpak and Bubblewrap vulnerability
It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and...
crosswords-0.3.13.3-4.fc41
FEDORA-2024-851219f5e3 Packages in this update: crosswords-0.3.13.3-4.fc41 Update description: Update to 0.3.13.3 and fix gresource generation Read More
perl-App-cpanminus-1.7047-2.fc39
FEDORA-2024-78e43b4de6 Packages in this update: perl-App-cpanminus-1.7047-2.fc39 Update description: Patch the code to use https instead of http (CVE-2024-45321) Read More
perl-App-cpanminus-1.7047-4.fc40
FEDORA-2024-aaa468ae4f Packages in this update: perl-App-cpanminus-1.7047-4.fc40 Update description: Patch the code to use https instead of http (CVE-2024-45321) Read More
perl-App-cpanminus-1.7047-5.fc41
FEDORA-2024-ef9db8b16d Packages in this update: perl-App-cpanminus-1.7047-5.fc41 Update description: Patch the code to use https instead of http (CVE-2024-45321) Read More