Количество 17
Количество 17
CVE-2023-27536
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
CVE-2023-27536
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
CVE-2023-27536
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
CVE-2023-27536
CVE-2023-27536
An authentication bypass vulnerability exists libcurl <8.0.0 in the co ...
GHSA-4f9f-mpmj-4c52
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
BDU:2023-02109
Уязвимость функции повторного использования соединения библиотеки libcurl, позволяющая нарушителю повлиять на передачу данных krb5/kerberos / negotiate /GSSAPI и потенциально привести к несанкционированному доступу к конфиденциальной информации
RLSA-2023:4523
Moderate: curl security update
ELSA-2023-4523
ELSA-2023-4523: curl security update (MODERATE)
BDU:2023-02106
Уязвимость библиотеки libcurl, связанная с повторным использованием FTP-соединения, позволяющая нарушителю использовать неправильные учетные данные при выполнении передачи, что потенциально может привести к раскрытию защищаемой информации
ROS-20230407-01
Множественные уязвимости libcurl
ELSA-2023-6679
ELSA-2023-6679: curl security update (MODERATE)
SUSE-SU-2023:1582-1
Security update for curl
SUSE-SU-2023:0865-1
Security update for curl
SUSE-SU-2023:1711-1
Security update for curl
SUSE-SU-2023:2228-1
Security update for curl
SUSE-SU-2023:2226-1
Security update for curl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-27536 An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. | CVSS3: 5.9 | 0% Низкий | около 2 лет назад |
 | CVE-2023-27536 An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. | CVSS3: 5.9 | 0% Низкий | около 2 лет назад |
 | CVE-2023-27536 An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. | CVSS3: 5.9 | 0% Низкий | около 2 лет назад |
 | CVSS3: 5.9 | 0% Низкий | около 2 лет назад | |
| CVE-2023-27536 An authentication bypass vulnerability exists libcurl <8.0.0 in the co ... | CVSS3: 5.9 | 0% Низкий | около 2 лет назад |
| GHSA-4f9f-mpmj-4c52 An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
 | BDU:2023-02109 Уязвимость функции повторного использования соединения библиотеки libcurl, позволяющая нарушителю повлиять на передачу данных krb5/kerberos / negotiate /GSSAPI и потенциально привести к несанкционированному доступу к конфиденциальной информации | CVSS3: 5.9 | 0% Низкий | около 2 лет назад |
 | RLSA-2023:4523 Moderate: curl security update | больше 1 года назад | ||
| ELSA-2023-4523 ELSA-2023-4523: curl security update (MODERATE) | почти 2 года назад | ||
| BDU:2023-02106 Уязвимость библиотеки libcurl, связанная с повторным использованием FTP-соединения, позволяющая нарушителю использовать неправильные учетные данные при выполнении передачи, что потенциально может привести к раскрытию защищаемой информации | CVSS3: 5.9 | 0% Низкий | около 2 лет назад |
 | ROS-20230407-01 Множественные уязвимости libcurl | CVSS3: 5.9 | около 2 лет назад | |
| ELSA-2023-6679 ELSA-2023-6679: curl security update (MODERATE) | больше 1 года назад | ||
 | SUSE-SU-2023:1582-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:0865-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:1711-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2228-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2226-1 Security update for curl | около 2 лет назад |
Уязвимостей на страницу