Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2019-3823
Vulnerability from cvelistv5
Published
2019-02-06 20:00
Modified
2024-08-04 19:19
Severity ?
EPSS score ?
Summary
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The curl Project | curl |
Version: 7.64.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.612Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201903-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201903-03", }, { name: "DSA-4386", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4386", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { name: "USN-3882-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3882-1/", }, { name: "106950", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106950", }, { name: "[infra-devnull] 20190404 [GitHub] [incubator-openwhisk-runtime-ballerina] falkzoll commented on issue #15: Update to new base image jdk8u202-b08_openj9-0.12.1.", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { name: "RHSA-2019:3701", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "curl", vendor: "The curl Project", versions: [ { status: "affected", version: "7.64.0", }, ], }, ], datePublic: "2019-02-06T00:00:00", descriptions: [ { lang: "en", value: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-09T14:06:19", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "GLSA-201903-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201903-03", }, { name: "DSA-4386", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4386", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", }, { tags: [ "x_refsource_MISC", ], url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { name: "USN-3882-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3882-1/", }, { name: "106950", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106950", }, { name: "[infra-devnull] 20190404 [GitHub] [incubator-openwhisk-runtime-ballerina] falkzoll commented on issue #15: Update to new base image jdk8u202-b08_openj9-0.12.1.", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { name: "RHSA-2019:3701", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3823", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "curl", version: { version_data: [ { version_value: "7.64.0", }, ], }, }, ], }, vendor_name: "The curl Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", }, ], }, impact: { cvss: [ [ { vectorString: "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-201903-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201903-03", }, { name: "DSA-4386", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4386", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", }, { name: "https://curl.haxx.se/docs/CVE-2019-3823.html", refsource: "MISC", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { name: "https://security.netapp.com/advisory/ntap-20190315-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { name: "USN-3882-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3882-1/", }, { name: "106950", refsource: "BID", url: "http://www.securityfocus.com/bid/106950", }, { name: "[infra-devnull] 20190404 [GitHub] [incubator-openwhisk-runtime-ballerina] falkzoll commented on issue #15: Update to new base image jdk8u202-b08_openj9-0.12.1.", refsource: "MLIST", url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { name: "RHSA-2019:3701", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3823", datePublished: "2019-02-06T20:00:00", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:19:18.612Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2019-3823\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2019-02-06T20:29:00.400\",\"lastModified\":\"2024-11-21T04:42:37.110\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.\"},{\"lang\":\"es\",\"value\":\"libcurl, desde la versión 7.34.0 hasta antes de la 7.64.0, es vulnerable a una lectura de memoria dinámica (heap) fuera de límites en el código que maneja el final de la respuesta para SMTP. Si el búfer que se pasa a \\\"smtp_endofresp()\\\" no termina en NUL, no contiene caracteres que terminen el número analizado y \\\"len\\\" se establece como 5, la llamada \\\"strtol()\\\" lee más allá del búfer asignado. Los contenidos de la lectura no se devolverán al llamante.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.34.0\",\"versionEndExcluding\":\"7.64.0\",\"matchCriteriaId\":\"AA479CAB-06B4-450E-B78A-60A623E62863\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0E976A9-6253-4DF5-9370-471D0469B395\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3517A27-E6EE-497C-9996-F78171BBE90F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFC79B17-E9D2-44D5-93ED-2F959E7A3D43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5265C91-FF5C-4451-A7C2-D388A65ACFA2\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/106950\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3701\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://curl.haxx.se/docs/CVE-2019-3823.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201903-03\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190315-0001/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3882-1/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4386\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/106950\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3701\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://curl.haxx.se/docs/CVE-2019-3823.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201903-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190315-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3882-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4386\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
icsa-21-068-10
Vulnerability from csaf_cisa
Published
2021-03-09 00:00
Modified
2021-09-14 00:00
Summary
Siemens SCALANCE and SIMATIC libcurl (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of this third-party vulnerability could allow an attacker to cause a denial-of-service condition on the affected devices.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products:
- - Siemens Security Advisory SSA-936080
For more details regarding the libcurl vulnerability refer to:
- - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer
read"
- - Project curl Security Advisory "NTLMv2 type-3 header stack buffer
overflow"
- - Project curl Security Advisory "SMTP end-of-response out-of-bounds
read"
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer read" - - Project curl Security Advisory "NTLMv2 type-3 header stack buffer overflow" - - Project curl Security Advisory "SMTP end-of-response out-of-bounds read" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target this vulnerability.
{ document: { acknowledgments: [ { organization: "Siemens", summary: "reporting this vulnerability to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of this third-party vulnerability could allow an attacker to cause a denial-of-service condition on the affected devices.", title: "Risk evaluation", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "Impact of libcurl vulnerabilities to other Siemens products:\n\n- - Siemens Security Advisory SSA-936080\n\nFor more details regarding the libcurl vulnerability refer to:\n\n- - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer\n read\"\n\n- - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer\n overflow\"\n\n- - Project curl Security Advisory \"SMTP end-of-response out-of-bounds\n read\"\n\nFor further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "general", text: "Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer read\" - - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer overflow\" - - Project curl Security Advisory \"SMTP end-of-response out-of-bounds read\" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "other", text: "No known public exploits specifically target this vulnerability.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-21-068-10 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-068-10.json", }, { category: "self", summary: "ICS Advisory ICSA-21-068-10 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-10", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", }, { category: "external", summary: "SSA-496604: SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/SSA-436177.txt", }, ], title: "Siemens SCALANCE and SIMATIC libcurl (Update B)", tracking: { current_release_date: "2021-09-14T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-21-068-10", initial_release_date: "2021-03-09T00:00:00.000000Z", revision_history: [ { date: "2021-03-09T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-21-068-10 Siemens SCALANCE and SIMATIC libcurl", }, { date: "2021-05-11T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-21-068-10 Siemens SCALANCE and SIMATIC libcurl (Update A)", }, { date: "2021-09-14T00:00:00.000000Z", legacy_version: "B", number: "3", summary: "ICSA-21-068-10 Siemens SCALANCE and SIMATIC libcurl (Update B)", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "All versions < V2.0 HF1", product: { name: "SINEMA Remote Connect Client: All versions < V2.0 HF1", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "SINEMA Remote Connect Client", }, { branches: [ { category: "product_version_range", name: "All versions < V2.0", product: { name: "SINEMA Remote Connect Server: All versions < V2.0", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "SINEMA Remote Connect Server", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2018-14618", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, notes: [ { category: "summary", text: "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2018-16890", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap buffer out-of-bounds read.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a stack-based buffer overflow.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP.", title: "Summary", }, { category: "summary", text: "This vulnerability could allow an attacker to trigger a Denial-of-Service condition on the affected devices.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3823", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-6570", cwe: { id: "CWE-280", name: "Improper Handling of Insufficient Permissions or Privileges ", }, notes: [ { category: "summary", text: "Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization.", title: "Summary", }, { category: "summary", text: "An attacker must have access to a low privileged account in order to exploit the vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, ], }
ICSA-19-099-04
Vulnerability from csaf_cisa
Published
2019-04-09 00:00
Modified
2021-03-09 00:00
Summary
Siemens SINEMA Remote Connect (Update A)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.
Critical infrastructure sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products:
- - Siemens Security Advisory SSA-936080
For more details regarding the libcurl vulnerability refer to:
- - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer
read"
- - Project curl Security Advisory "NTLMv2 type-3 header stack buffer
overflow"
- - Project curl Security Advisory "SMTP end-of-response out-of-bounds
read"
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer read" - - Project curl Security Advisory "NTLMv2 type-3 header stack buffer overflow" - - Project curl Security Advisory "SMTP end-of-response out-of-bounds read" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.", title: "Risk evaluation", }, { category: "other", text: "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "Impact of libcurl vulnerabilities to other Siemens products:\n\n- - Siemens Security Advisory SSA-936080\n\nFor more details regarding the libcurl vulnerability refer to:\n\n- - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer\n read\"\n\n- - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer\n overflow\"\n\n- - Project curl Security Advisory \"SMTP end-of-response out-of-bounds\n read\"\n\nFor further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "general", text: "Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer read\" - - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer overflow\" - - Project curl Security Advisory \"SMTP end-of-response out-of-bounds read\" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-19-099-04 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-099-04.json", }, { category: "self", summary: "ICS Advisory ICSA-19-099-04 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-19-099-04", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", }, { category: "external", summary: "SSA-496604: SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/SSA-436177.txt", }, ], title: "Siemens SINEMA Remote Connect (Update A)", tracking: { current_release_date: "2021-03-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-19-099-04", initial_release_date: "2019-04-09T00:00:00.000000Z", revision_history: [ { date: "2019-04-09T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-19-099-04 Siemens SINEMA Remote Connect", }, { date: "2021-03-09T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-19-099-04 Siemens SINEMA Remote Connect (Update A)", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "All versions < V2.0 HF1", product: { name: "SINEMA Remote Connect Client: All versions < V2.0 HF1", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "SINEMA Remote Connect Client", }, { branches: [ { category: "product_version_range", name: "All versions < V2.0", product: { name: "SINEMA Remote Connect Server: All versions < V2.0", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "SINEMA Remote Connect Server", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2018-14618", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, notes: [ { category: "summary", text: "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14618", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2018-16890", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap buffer out-of-bounds read.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16890", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a stack-based buffer overflow.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3822", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP.", title: "Summary", }, { category: "summary", text: "This vulnerability could allow an attacker to trigger a Denial-of-Service condition on the affected devices.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3823", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-6570", cwe: { id: "CWE-280", name: "Improper Handling of Insufficient Permissions or Privileges ", }, notes: [ { category: "summary", text: "Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization.", title: "Summary", }, { category: "summary", text: "An attacker must have access to a low privileged account in order to exploit the vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6570", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, ], }
ICSA-21-068-10
Vulnerability from csaf_cisa
Published
2021-03-09 00:00
Modified
2021-09-14 00:00
Summary
Siemens SCALANCE and SIMATIC libcurl (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of this third-party vulnerability could allow an attacker to cause a denial-of-service condition on the affected devices.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products:
- - Siemens Security Advisory SSA-936080
For more details regarding the libcurl vulnerability refer to:
- - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer
read"
- - Project curl Security Advisory "NTLMv2 type-3 header stack buffer
overflow"
- - Project curl Security Advisory "SMTP end-of-response out-of-bounds
read"
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer read" - - Project curl Security Advisory "NTLMv2 type-3 header stack buffer overflow" - - Project curl Security Advisory "SMTP end-of-response out-of-bounds read" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target this vulnerability.
{ document: { acknowledgments: [ { organization: "Siemens", summary: "reporting this vulnerability to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of this third-party vulnerability could allow an attacker to cause a denial-of-service condition on the affected devices.", title: "Risk evaluation", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "Impact of libcurl vulnerabilities to other Siemens products:\n\n- - Siemens Security Advisory SSA-936080\n\nFor more details regarding the libcurl vulnerability refer to:\n\n- - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer\n read\"\n\n- - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer\n overflow\"\n\n- - Project curl Security Advisory \"SMTP end-of-response out-of-bounds\n read\"\n\nFor further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "general", text: "Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer read\" - - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer overflow\" - - Project curl Security Advisory \"SMTP end-of-response out-of-bounds read\" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "other", text: "No known public exploits specifically target this vulnerability.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-21-068-10 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-068-10.json", }, { category: "self", summary: "ICS Advisory ICSA-21-068-10 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-10", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", }, { category: "external", summary: "SSA-496604: SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/SSA-436177.txt", }, ], title: "Siemens SCALANCE and SIMATIC libcurl (Update B)", tracking: { current_release_date: "2021-09-14T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-21-068-10", initial_release_date: "2021-03-09T00:00:00.000000Z", revision_history: [ { date: "2021-03-09T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-21-068-10 Siemens SCALANCE and SIMATIC libcurl", }, { date: "2021-05-11T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-21-068-10 Siemens SCALANCE and SIMATIC libcurl (Update A)", }, { date: "2021-09-14T00:00:00.000000Z", legacy_version: "B", number: "3", summary: "ICSA-21-068-10 Siemens SCALANCE and SIMATIC libcurl (Update B)", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "All versions < V2.0 HF1", product: { name: "SINEMA Remote Connect Client: All versions < V2.0 HF1", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "SINEMA Remote Connect Client", }, { branches: [ { category: "product_version_range", name: "All versions < V2.0", product: { name: "SINEMA Remote Connect Server: All versions < V2.0", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "SINEMA Remote Connect Server", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2018-14618", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, notes: [ { category: "summary", text: "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2018-16890", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap buffer out-of-bounds read.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a stack-based buffer overflow.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP.", title: "Summary", }, { category: "summary", text: "This vulnerability could allow an attacker to trigger a Denial-of-Service condition on the affected devices.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3823", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-6570", cwe: { id: "CWE-280", name: "Improper Handling of Insufficient Permissions or Privileges ", }, notes: [ { category: "summary", text: "Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization.", title: "Summary", }, { category: "summary", text: "An attacker must have access to a low privileged account in order to exploit the vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, ], }
icsa-19-099-04
Vulnerability from csaf_cisa
Published
2019-04-09 00:00
Modified
2021-03-09 00:00
Summary
Siemens SINEMA Remote Connect (Update A)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.
Critical infrastructure sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products:
- - Siemens Security Advisory SSA-936080
For more details regarding the libcurl vulnerability refer to:
- - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer
read"
- - Project curl Security Advisory "NTLMv2 type-3 header stack buffer
overflow"
- - Project curl Security Advisory "SMTP end-of-response out-of-bounds
read"
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer read" - - Project curl Security Advisory "NTLMv2 type-3 header stack buffer overflow" - - Project curl Security Advisory "SMTP end-of-response out-of-bounds read" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.", title: "Risk evaluation", }, { category: "other", text: "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "Impact of libcurl vulnerabilities to other Siemens products:\n\n- - Siemens Security Advisory SSA-936080\n\nFor more details regarding the libcurl vulnerability refer to:\n\n- - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer\n read\"\n\n- - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer\n overflow\"\n\n- - Project curl Security Advisory \"SMTP end-of-response out-of-bounds\n read\"\n\nFor further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "general", text: "Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer read\" - - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer overflow\" - - Project curl Security Advisory \"SMTP end-of-response out-of-bounds read\" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-19-099-04 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-099-04.json", }, { category: "self", summary: "ICS Advisory ICSA-19-099-04 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-19-099-04", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", }, { category: "external", summary: "SSA-496604: SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/SSA-436177.txt", }, ], title: "Siemens SINEMA Remote Connect (Update A)", tracking: { current_release_date: "2021-03-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-19-099-04", initial_release_date: "2019-04-09T00:00:00.000000Z", revision_history: [ { date: "2019-04-09T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-19-099-04 Siemens SINEMA Remote Connect", }, { date: "2021-03-09T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-19-099-04 Siemens SINEMA Remote Connect (Update A)", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "All versions < V2.0 HF1", product: { name: "SINEMA Remote Connect Client: All versions < V2.0 HF1", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "SINEMA Remote Connect Client", }, { branches: [ { category: "product_version_range", name: "All versions < V2.0", product: { name: "SINEMA Remote Connect Server: All versions < V2.0", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "SINEMA Remote Connect Server", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2018-14618", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, notes: [ { category: "summary", text: "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14618", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2018-16890", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap buffer out-of-bounds read.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16890", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a stack-based buffer overflow.", title: "Summary", }, { category: "summary", text: "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3822", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP.", title: "Summary", }, { category: "summary", text: "This vulnerability could allow an attacker to trigger a Denial-of-Service condition on the affected devices.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3823", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, { cve: "CVE-2019-6570", cwe: { id: "CWE-280", name: "Improper Handling of Insufficient Permissions or Privileges ", }, notes: [ { category: "summary", text: "Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization.", title: "Summary", }, { category: "summary", text: "An attacker must have access to a low privileged account in order to exploit the vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/de/en/view/109764829/", url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6570", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Turn off SMTP to mitigate CVE-2019-3823", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Update to V2.0 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/de/en/view/109764829/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", ], }, ], }, ], }
opensuse-su-2024:10582-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
curl-7.79.1-1.1 on GA media
Notes
Title of the patch
curl-7.79.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the curl-7.79.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10582
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "curl-7.79.1-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the curl-7.79.1-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10582", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10582-1.json", }, { category: "self", summary: "SUSE CVE CVE-2006-1061 page", url: "https://www.suse.com/security/cve/CVE-2006-1061/", }, { category: "self", summary: "SUSE CVE CVE-2016-9586 page", url: "https://www.suse.com/security/cve/CVE-2016-9586/", }, { category: "self", summary: "SUSE CVE CVE-2016-9594 page", url: "https://www.suse.com/security/cve/CVE-2016-9594/", }, { category: "self", summary: "SUSE CVE CVE-2017-1000099 page", url: "https://www.suse.com/security/cve/CVE-2017-1000099/", }, { category: "self", summary: "SUSE CVE CVE-2017-1000100 page", url: "https://www.suse.com/security/cve/CVE-2017-1000100/", }, { category: "self", summary: "SUSE CVE CVE-2017-1000101 page", url: "https://www.suse.com/security/cve/CVE-2017-1000101/", }, { category: "self", summary: "SUSE CVE CVE-2017-1000254 page", url: "https://www.suse.com/security/cve/CVE-2017-1000254/", }, { category: "self", summary: "SUSE CVE CVE-2017-1000257 page", url: "https://www.suse.com/security/cve/CVE-2017-1000257/", }, { category: "self", summary: "SUSE CVE CVE-2017-2629 page", url: "https://www.suse.com/security/cve/CVE-2017-2629/", }, { category: "self", summary: "SUSE CVE CVE-2017-7468 page", url: "https://www.suse.com/security/cve/CVE-2017-7468/", }, { category: "self", summary: "SUSE CVE CVE-2017-8816 page", url: "https://www.suse.com/security/cve/CVE-2017-8816/", }, { category: "self", summary: "SUSE CVE CVE-2017-8817 page", url: "https://www.suse.com/security/cve/CVE-2017-8817/", }, { category: "self", summary: "SUSE CVE CVE-2017-8818 page", url: "https://www.suse.com/security/cve/CVE-2017-8818/", }, { category: "self", summary: "SUSE CVE CVE-2017-9502 page", url: "https://www.suse.com/security/cve/CVE-2017-9502/", }, { category: "self", summary: "SUSE CVE CVE-2018-0500 page", url: "https://www.suse.com/security/cve/CVE-2018-0500/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000005 page", url: "https://www.suse.com/security/cve/CVE-2018-1000005/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000120 page", url: "https://www.suse.com/security/cve/CVE-2018-1000120/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000122 page", url: "https://www.suse.com/security/cve/CVE-2018-1000122/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000300 page", url: "https://www.suse.com/security/cve/CVE-2018-1000300/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000301 page", url: "https://www.suse.com/security/cve/CVE-2018-1000301/", }, { category: "self", summary: "SUSE CVE CVE-2018-14618 page", url: "https://www.suse.com/security/cve/CVE-2018-14618/", }, { category: "self", summary: "SUSE CVE CVE-2018-16839 page", url: "https://www.suse.com/security/cve/CVE-2018-16839/", }, { category: "self", summary: "SUSE CVE CVE-2018-16840 page", url: "https://www.suse.com/security/cve/CVE-2018-16840/", }, { category: "self", summary: "SUSE CVE CVE-2018-16842 page", url: "https://www.suse.com/security/cve/CVE-2018-16842/", }, { category: "self", summary: "SUSE CVE CVE-2018-16890 page", url: "https://www.suse.com/security/cve/CVE-2018-16890/", }, { category: "self", summary: "SUSE CVE CVE-2019-15601 page", url: "https://www.suse.com/security/cve/CVE-2019-15601/", }, { category: "self", summary: "SUSE CVE CVE-2019-3822 page", url: "https://www.suse.com/security/cve/CVE-2019-3822/", }, { category: "self", summary: "SUSE CVE CVE-2019-3823 page", url: "https://www.suse.com/security/cve/CVE-2019-3823/", }, { category: "self", summary: "SUSE CVE CVE-2019-5435 page", url: "https://www.suse.com/security/cve/CVE-2019-5435/", }, { category: "self", summary: "SUSE CVE CVE-2019-5436 page", url: "https://www.suse.com/security/cve/CVE-2019-5436/", }, { category: "self", summary: "SUSE CVE CVE-2019-5481 page", url: "https://www.suse.com/security/cve/CVE-2019-5481/", }, { category: "self", summary: "SUSE CVE CVE-2019-5482 page", url: "https://www.suse.com/security/cve/CVE-2019-5482/", }, { category: "self", summary: "SUSE CVE CVE-2020-8169 page", url: "https://www.suse.com/security/cve/CVE-2020-8169/", }, { category: "self", summary: "SUSE CVE CVE-2020-8231 page", url: "https://www.suse.com/security/cve/CVE-2020-8231/", }, { category: "self", summary: "SUSE CVE CVE-2020-8284 page", url: "https://www.suse.com/security/cve/CVE-2020-8284/", }, { category: "self", summary: "SUSE CVE CVE-2020-8285 page", url: "https://www.suse.com/security/cve/CVE-2020-8285/", }, { category: "self", summary: "SUSE CVE CVE-2020-8286 page", url: "https://www.suse.com/security/cve/CVE-2020-8286/", }, { category: "self", summary: "SUSE CVE CVE-2021-22297 page", url: "https://www.suse.com/security/cve/CVE-2021-22297/", }, { category: "self", summary: "SUSE CVE CVE-2021-22298 page", url: "https://www.suse.com/security/cve/CVE-2021-22298/", }, { category: "self", summary: "SUSE CVE CVE-2021-22876 page", url: "https://www.suse.com/security/cve/CVE-2021-22876/", }, { category: "self", summary: "SUSE CVE CVE-2021-22890 page", url: "https://www.suse.com/security/cve/CVE-2021-22890/", }, { category: "self", summary: "SUSE CVE CVE-2021-22898 page", url: "https://www.suse.com/security/cve/CVE-2021-22898/", }, { category: "self", summary: "SUSE CVE CVE-2021-22901 page", url: "https://www.suse.com/security/cve/CVE-2021-22901/", }, { category: "self", summary: "SUSE CVE CVE-2021-22922 page", url: "https://www.suse.com/security/cve/CVE-2021-22922/", }, { category: "self", summary: "SUSE CVE CVE-2021-22924 page", url: "https://www.suse.com/security/cve/CVE-2021-22924/", }, { category: "self", summary: "SUSE CVE CVE-2021-22945 page", url: "https://www.suse.com/security/cve/CVE-2021-22945/", }, { category: "self", summary: "SUSE CVE CVE-2021-22946 page", url: "https://www.suse.com/security/cve/CVE-2021-22946/", }, { category: "self", summary: "SUSE CVE CVE-2021-22947 page", url: "https://www.suse.com/security/cve/CVE-2021-22947/", }, ], title: "curl-7.79.1-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10582-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "curl-7.79.1-1.1.aarch64", product: { name: "curl-7.79.1-1.1.aarch64", product_id: "curl-7.79.1-1.1.aarch64", }, }, { category: "product_version", name: "libcurl-devel-7.79.1-1.1.aarch64", product: { name: "libcurl-devel-7.79.1-1.1.aarch64", product_id: "libcurl-devel-7.79.1-1.1.aarch64", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.79.1-1.1.aarch64", product: { name: "libcurl-devel-32bit-7.79.1-1.1.aarch64", product_id: "libcurl-devel-32bit-7.79.1-1.1.aarch64", }, }, { category: "product_version", name: "libcurl4-7.79.1-1.1.aarch64", product: { name: "libcurl4-7.79.1-1.1.aarch64", product_id: "libcurl4-7.79.1-1.1.aarch64", }, }, { category: "product_version", name: "libcurl4-32bit-7.79.1-1.1.aarch64", product: { name: "libcurl4-32bit-7.79.1-1.1.aarch64", product_id: "libcurl4-32bit-7.79.1-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "curl-7.79.1-1.1.ppc64le", product: { name: "curl-7.79.1-1.1.ppc64le", product_id: "curl-7.79.1-1.1.ppc64le", }, }, { category: "product_version", name: "libcurl-devel-7.79.1-1.1.ppc64le", product: { name: "libcurl-devel-7.79.1-1.1.ppc64le", product_id: "libcurl-devel-7.79.1-1.1.ppc64le", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.79.1-1.1.ppc64le", product: { name: "libcurl-devel-32bit-7.79.1-1.1.ppc64le", product_id: "libcurl-devel-32bit-7.79.1-1.1.ppc64le", }, }, { category: "product_version", name: "libcurl4-7.79.1-1.1.ppc64le", product: { name: "libcurl4-7.79.1-1.1.ppc64le", product_id: "libcurl4-7.79.1-1.1.ppc64le", }, }, { category: "product_version", name: "libcurl4-32bit-7.79.1-1.1.ppc64le", product: { name: "libcurl4-32bit-7.79.1-1.1.ppc64le", product_id: "libcurl4-32bit-7.79.1-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "curl-7.79.1-1.1.s390x", product: { name: "curl-7.79.1-1.1.s390x", product_id: "curl-7.79.1-1.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-7.79.1-1.1.s390x", product: { name: "libcurl-devel-7.79.1-1.1.s390x", product_id: "libcurl-devel-7.79.1-1.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.79.1-1.1.s390x", product: { name: "libcurl-devel-32bit-7.79.1-1.1.s390x", product_id: "libcurl-devel-32bit-7.79.1-1.1.s390x", }, }, { category: "product_version", name: "libcurl4-7.79.1-1.1.s390x", product: { name: "libcurl4-7.79.1-1.1.s390x", product_id: "libcurl4-7.79.1-1.1.s390x", }, }, { category: "product_version", name: "libcurl4-32bit-7.79.1-1.1.s390x", product: { name: "libcurl4-32bit-7.79.1-1.1.s390x", product_id: "libcurl4-32bit-7.79.1-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "curl-7.79.1-1.1.x86_64", product: { name: "curl-7.79.1-1.1.x86_64", product_id: "curl-7.79.1-1.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-7.79.1-1.1.x86_64", product: { name: "libcurl-devel-7.79.1-1.1.x86_64", product_id: "libcurl-devel-7.79.1-1.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.79.1-1.1.x86_64", product: { name: "libcurl-devel-32bit-7.79.1-1.1.x86_64", product_id: "libcurl-devel-32bit-7.79.1-1.1.x86_64", }, }, { category: "product_version", name: "libcurl4-7.79.1-1.1.x86_64", product: { name: "libcurl4-7.79.1-1.1.x86_64", product_id: "libcurl4-7.79.1-1.1.x86_64", }, }, { category: "product_version", name: "libcurl4-32bit-7.79.1-1.1.x86_64", product: { name: "libcurl4-32bit-7.79.1-1.1.x86_64", product_id: "libcurl4-32bit-7.79.1-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-7.79.1-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", }, product_reference: "curl-7.79.1-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "curl-7.79.1-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", }, product_reference: "curl-7.79.1-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "curl-7.79.1-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", }, product_reference: "curl-7.79.1-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "curl-7.79.1-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", }, product_reference: "curl-7.79.1-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.79.1-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", }, product_reference: "libcurl-devel-7.79.1-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.79.1-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", }, product_reference: "libcurl-devel-7.79.1-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.79.1-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", }, product_reference: "libcurl-devel-7.79.1-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.79.1-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", }, product_reference: "libcurl-devel-7.79.1-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-32bit-7.79.1-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", }, product_reference: "libcurl-devel-32bit-7.79.1-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-32bit-7.79.1-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", }, product_reference: "libcurl-devel-32bit-7.79.1-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-32bit-7.79.1-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", }, product_reference: "libcurl-devel-32bit-7.79.1-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-32bit-7.79.1-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", }, product_reference: "libcurl-devel-32bit-7.79.1-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.79.1-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", }, product_reference: "libcurl4-7.79.1-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.79.1-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", }, product_reference: "libcurl4-7.79.1-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.79.1-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", }, product_reference: "libcurl4-7.79.1-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.79.1-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", }, product_reference: "libcurl4-7.79.1-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.79.1-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", }, product_reference: "libcurl4-32bit-7.79.1-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.79.1-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", }, product_reference: "libcurl4-32bit-7.79.1-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.79.1-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", }, product_reference: "libcurl4-32bit-7.79.1-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.79.1-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", }, product_reference: "libcurl4-32bit-7.79.1-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2006-1061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-1061", }, ], notes: [ { category: "general", text: "Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-1061", url: "https://www.suse.com/security/cve/CVE-2006-1061", }, { category: "external", summary: "SUSE Bug 157874 for CVE-2006-1061", url: "https://bugzilla.suse.com/157874", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2006-1061", }, { cve: "CVE-2016-9586", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9586", }, ], notes: [ { category: "general", text: "curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9586", url: "https://www.suse.com/security/cve/CVE-2016-9586", }, { category: "external", summary: "SUSE Bug 1015332 for CVE-2016-9586", url: "https://bugzilla.suse.com/1015332", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-9586", }, { cve: "CVE-2016-9594", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9594", }, ], notes: [ { category: "general", text: "curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9594", url: "https://www.suse.com/security/cve/CVE-2016-9594", }, { category: "external", summary: "SUSE Bug 1016738 for CVE-2016-9594", url: "https://bugzilla.suse.com/1016738", }, { category: "external", summary: "SUSE Bug 1017161 for CVE-2016-9594", url: "https://bugzilla.suse.com/1017161", }, { category: "external", summary: "SUSE Bug 1042181 for CVE-2016-9594", url: "https://bugzilla.suse.com/1042181", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-9594", }, { cve: "CVE-2017-1000099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000099", }, ], notes: [ { category: "general", text: "When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provide callback), which could lead to other private data from the heap to get inadvertently displayed. The wrong buffer was an uninitialized memory area allocated on the heap and if it turned out to not contain any zero byte, it would continue and display the data following that buffer in memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000099", url: "https://www.suse.com/security/cve/CVE-2017-1000099", }, { category: "external", summary: "SUSE Bug 1051645 for CVE-2017-1000099", url: "https://bugzilla.suse.com/1051645", }, { category: "external", summary: "SUSE Bug 1053919 for CVE-2017-1000099", url: "https://bugzilla.suse.com/1053919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-1000099", }, { cve: "CVE-2017-1000100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000100", }, ], notes: [ { category: "general", text: "When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn't restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl's redirect protocols with --proto-redir and libcurl's with CURLOPT_REDIR_PROTOCOLS.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000100", url: "https://www.suse.com/security/cve/CVE-2017-1000100", }, { category: "external", summary: "SUSE Bug 1051644 for CVE-2017-1000100", url: "https://bugzilla.suse.com/1051644", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2017-1000100", }, { cve: "CVE-2017-1000101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000101", }, ], notes: [ { category: "general", text: "curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000101", url: "https://www.suse.com/security/cve/CVE-2017-1000101", }, { category: "external", summary: "SUSE Bug 1051643 for CVE-2017-1000101", url: "https://bugzilla.suse.com/1051643", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-1000101", }, { cve: "CVE-2017-1000254", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000254", }, ], notes: [ { category: "general", text: "libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the `PWD` command. The server then responds with a 257 response containing the path, inside double quotes. The returned path name is then kept by libcurl for subsequent uses. Due to a flaw in the string parser for this directory name, a directory name passed like this but without a closing double quote would lead to libcurl not adding a trailing NUL byte to the buffer holding the name. When libcurl would then later access the string, it could read beyond the allocated heap buffer and crash or wrongly access data beyond the buffer, thinking it was part of the path. A malicious server could abuse this fact and effectively prevent libcurl-based clients to work with it - the PWD command is always issued on new FTP connections and the mistake has a high chance of causing a segfault. The simple fact that this has issue remained undiscovered for this long could suggest that malformed PWD responses are rare in benign servers. We are not aware of any exploit of this flaw. This bug was introduced in commit [415d2e7cb7](https://github.com/curl/curl/commit/415d2e7cb7), March 2005. In libcurl version 7.56.0, the parser always zero terminates the string but also rejects it if not terminated properly with a final double quote.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000254", url: "https://www.suse.com/security/cve/CVE-2017-1000254", }, { category: "external", summary: "SUSE Bug 1061876 for CVE-2017-1000254", url: "https://bugzilla.suse.com/1061876", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2017-1000254", }, { cve: "CVE-2017-1000257", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000257", }, ], notes: [ { category: "general", text: "An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000257", url: "https://www.suse.com/security/cve/CVE-2017-1000257", }, { category: "external", summary: "SUSE Bug 1063824 for CVE-2017-1000257", url: "https://bugzilla.suse.com/1063824", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-1000257", }, { cve: "CVE-2017-2629", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-2629", }, ], notes: [ { category: "general", text: "curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none or if the server doesn't support the TLS extension in question. This could lead to users not detecting when a server's certificate goes invalid or otherwise be mislead that the server is in a better shape than it is in reality. This flaw also exists in the command line tool (--cert-status).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-2629", url: "https://www.suse.com/security/cve/CVE-2017-2629", }, { category: "external", summary: "SUSE Bug 1025379 for CVE-2017-2629", url: "https://bugzilla.suse.com/1025379", }, { category: "external", summary: "SUSE Bug 1042181 for CVE-2017-2629", url: "https://bugzilla.suse.com/1042181", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-2629", }, { cve: "CVE-2017-7468", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7468", }, ], notes: [ { category: "general", text: "In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established by the previous certificate (or no certificate). libcurl supports by default the use of TLS session id/ticket to resume previous TLS sessions to speed up subsequent TLS handshakes. They are used when for any reason an existing TLS connection couldn't be kept alive to make the next handshake faster. This flaw is a regression and identical to CVE-2016-5419 reported on August 3rd 2016, but affecting a different version range.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7468", url: "https://www.suse.com/security/cve/CVE-2017-7468", }, { category: "external", summary: "SUSE Bug 1033413 for CVE-2017-7468", url: "https://bugzilla.suse.com/1033413", }, { category: "external", summary: "SUSE Bug 1033442 for CVE-2017-7468", url: "https://bugzilla.suse.com/1033442", }, { category: "external", summary: "SUSE Bug 1042181 for CVE-2017-7468", url: "https://bugzilla.suse.com/1042181", }, { category: "external", summary: "SUSE Bug 991389 for CVE-2017-7468", url: "https://bugzilla.suse.com/991389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2017-7468", }, { cve: "CVE-2017-8816", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-8816", }, ], notes: [ { category: "general", text: "The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-8816", url: "https://www.suse.com/security/cve/CVE-2017-8816", }, { category: "external", summary: "SUSE Bug 1069226 for CVE-2017-8816", url: "https://bugzilla.suse.com/1069226", }, { category: "external", summary: "SUSE Bug 1106019 for CVE-2017-8816", url: "https://bugzilla.suse.com/1106019", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-8816", }, { cve: "CVE-2017-8817", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-8817", }, ], notes: [ { category: "general", text: "The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-8817", url: "https://www.suse.com/security/cve/CVE-2017-8817", }, { category: "external", summary: "SUSE Bug 1069222 for CVE-2017-8817", url: "https://bugzilla.suse.com/1069222", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-8817", }, { cve: "CVE-2017-8818", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-8818", }, ], notes: [ { category: "general", text: "curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-8818", url: "https://www.suse.com/security/cve/CVE-2017-8818", }, { category: "external", summary: "SUSE Bug 1069714 for CVE-2017-8818", url: "https://bugzilla.suse.com/1069714", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2017-8818", }, { cve: "CVE-2017-9502", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9502", }, ], notes: [ { category: "general", text: "In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given \"URL\" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string \"file://\").", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9502", url: "https://www.suse.com/security/cve/CVE-2017-9502", }, { category: "external", summary: "SUSE Bug 1044243 for CVE-2017-9502", url: "https://bugzilla.suse.com/1044243", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9502", }, { cve: "CVE-2018-0500", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-0500", }, ], notes: [ { category: "general", text: "Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-0500", url: "https://www.suse.com/security/cve/CVE-2018-0500", }, { category: "external", summary: "SUSE Bug 1099793 for CVE-2018-0500", url: "https://bugzilla.suse.com/1099793", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-0500", }, { cve: "CVE-2018-1000005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000005", }, ], notes: [ { category: "general", text: "libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000005", url: "https://www.suse.com/security/cve/CVE-2018-1000005", }, { category: "external", summary: "SUSE Bug 1076360 for CVE-2018-1000005", url: "https://bugzilla.suse.com/1076360", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2018-1000005", }, { cve: "CVE-2018-1000120", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000120", }, ], notes: [ { category: "general", text: "A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000120", url: "https://www.suse.com/security/cve/CVE-2018-1000120", }, { category: "external", summary: "SUSE Bug 1084521 for CVE-2018-1000120", url: "https://bugzilla.suse.com/1084521", }, { category: "external", summary: "SUSE Bug 1101811 for CVE-2018-1000120", url: "https://bugzilla.suse.com/1101811", }, { category: "external", summary: "SUSE Bug 1112526 for CVE-2018-1000120", url: "https://bugzilla.suse.com/1112526", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-1000120", }, { cve: "CVE-2018-1000122", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000122", }, ], notes: [ { category: "general", text: "A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000122", url: "https://www.suse.com/security/cve/CVE-2018-1000122", }, { category: "external", summary: "SUSE Bug 1084532 for CVE-2018-1000122", url: "https://bugzilla.suse.com/1084532", }, { category: "external", summary: "SUSE Bug 1101811 for CVE-2018-1000122", url: "https://bugzilla.suse.com/1101811", }, { category: "external", summary: "SUSE Bug 1112526 for CVE-2018-1000122", url: "https://bugzilla.suse.com/1112526", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-1000122", }, { cve: "CVE-2018-1000300", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000300", }, ], notes: [ { category: "general", text: "curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000300", url: "https://www.suse.com/security/cve/CVE-2018-1000300", }, { category: "external", summary: "SUSE Bug 1092094 for CVE-2018-1000300", url: "https://bugzilla.suse.com/1092094", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2018-1000300", }, { cve: "CVE-2018-1000301", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000301", }, ], notes: [ { category: "general", text: "curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000301", url: "https://www.suse.com/security/cve/CVE-2018-1000301", }, { category: "external", summary: "SUSE Bug 1092098 for CVE-2018-1000301", url: "https://bugzilla.suse.com/1092098", }, { category: "external", summary: "SUSE Bug 1122464 for CVE-2018-1000301", url: "https://bugzilla.suse.com/1122464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2018-1000301", }, { cve: "CVE-2018-14618", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14618", }, ], notes: [ { category: "general", text: "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14618", url: "https://www.suse.com/security/cve/CVE-2018-14618", }, { category: "external", summary: "SUSE Bug 1106019 for CVE-2018-14618", url: "https://bugzilla.suse.com/1106019", }, { category: "external", summary: "SUSE Bug 1112758 for CVE-2018-14618", url: "https://bugzilla.suse.com/1112758", }, { category: "external", summary: "SUSE Bug 1122464 for CVE-2018-14618", url: "https://bugzilla.suse.com/1122464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-14618", }, { cve: "CVE-2018-16839", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16839", }, ], notes: [ { category: "general", text: "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16839", url: "https://www.suse.com/security/cve/CVE-2018-16839", }, { category: "external", summary: "SUSE Bug 1112758 for CVE-2018-16839", url: "https://bugzilla.suse.com/1112758", }, { category: "external", summary: "SUSE Bug 1113029 for CVE-2018-16839", url: "https://bugzilla.suse.com/1113029", }, { category: "external", summary: "SUSE Bug 1131886 for CVE-2018-16839", url: "https://bugzilla.suse.com/1131886", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16839", }, { cve: "CVE-2018-16840", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16840", }, ], notes: [ { category: "general", text: "A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16840", url: "https://www.suse.com/security/cve/CVE-2018-16840", }, { category: "external", summary: "SUSE Bug 1112758 for CVE-2018-16840", url: "https://bugzilla.suse.com/1112758", }, { category: "external", summary: "SUSE Bug 1113029 for CVE-2018-16840", url: "https://bugzilla.suse.com/1113029", }, { category: "external", summary: "SUSE Bug 1122464 for CVE-2018-16840", url: "https://bugzilla.suse.com/1122464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16840", }, { cve: "CVE-2018-16842", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16842", }, ], notes: [ { category: "general", text: "Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16842", url: "https://www.suse.com/security/cve/CVE-2018-16842", }, { category: "external", summary: "SUSE Bug 1113660 for CVE-2018-16842", url: "https://bugzilla.suse.com/1113660", }, { category: "external", summary: "SUSE Bug 1122464 for CVE-2018-16842", url: "https://bugzilla.suse.com/1122464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16842", }, { cve: "CVE-2018-16890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16890", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16890", url: "https://www.suse.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "SUSE Bug 1123371 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123371", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2018-16890", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-16890", }, { cve: "CVE-2019-15601", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15601", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15601", url: "https://www.suse.com/security/cve/CVE-2019-15601", }, { category: "external", summary: "SUSE Bug 1160301 for CVE-2019-15601", url: "https://bugzilla.suse.com/1160301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-15601", }, { cve: "CVE-2019-3822", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3822", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3822", url: "https://www.suse.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "SUSE Bug 1123377 for CVE-2019-3822", url: "https://bugzilla.suse.com/1123377", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3822", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-3822", }, { cve: "CVE-2019-3823", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3823", }, ], notes: [ { category: "general", text: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3823", url: "https://www.suse.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2019-3823", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1126909 for CVE-2019-3823", url: "https://bugzilla.suse.com/1126909", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3823", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3823", }, { cve: "CVE-2019-5435", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5435", }, ], notes: [ { category: "general", text: "An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5435", url: "https://www.suse.com/security/cve/CVE-2019-5435", }, { category: "external", summary: "SUSE Bug 1135176 for CVE-2019-5435", url: "https://bugzilla.suse.com/1135176", }, { category: "external", summary: "SUSE Bug 1154162 for CVE-2019-5435", url: "https://bugzilla.suse.com/1154162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5435", }, { cve: "CVE-2019-5436", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5436", }, ], notes: [ { category: "general", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5436", url: "https://www.suse.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "SUSE Bug 1135170 for CVE-2019-5436", url: "https://bugzilla.suse.com/1135170", }, { category: "external", summary: "SUSE Bug 1149496 for CVE-2019-5436", url: "https://bugzilla.suse.com/1149496", }, { category: "external", summary: "SUSE Bug 1154162 for CVE-2019-5436", url: "https://bugzilla.suse.com/1154162", }, { category: "external", summary: "SUSE Bug 1167096 for CVE-2019-5436", url: "https://bugzilla.suse.com/1167096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-5436", }, { cve: "CVE-2019-5481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5481", }, ], notes: [ { category: "general", text: "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5481", url: "https://www.suse.com/security/cve/CVE-2019-5481", }, { category: "external", summary: "SUSE Bug 1149495 for CVE-2019-5481", url: "https://bugzilla.suse.com/1149495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5481", }, { cve: "CVE-2019-5482", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5482", }, ], notes: [ { category: "general", text: "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5482", url: "https://www.suse.com/security/cve/CVE-2019-5482", }, { category: "external", summary: "SUSE Bug 1149496 for CVE-2019-5482", url: "https://bugzilla.suse.com/1149496", }, { category: "external", summary: "SUSE Bug 1156634 for CVE-2019-5482", url: "https://bugzilla.suse.com/1156634", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-5482", }, { cve: "CVE-2020-8169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8169", }, ], notes: [ { category: "general", text: "curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8169", url: "https://www.suse.com/security/cve/CVE-2020-8169", }, { category: "external", summary: "SUSE Bug 1173026 for CVE-2020-8169", url: "https://bugzilla.suse.com/1173026", }, { category: "external", summary: "SUSE Bug 1186108 for CVE-2020-8169", url: "https://bugzilla.suse.com/1186108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8169", }, { cve: "CVE-2020-8231", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8231", }, ], notes: [ { category: "general", text: "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8231", url: "https://www.suse.com/security/cve/CVE-2020-8231", }, { category: "external", summary: "SUSE Bug 1175109 for CVE-2020-8231", url: "https://bugzilla.suse.com/1175109", }, { category: "external", summary: "SUSE Bug 1179399 for CVE-2020-8231", url: "https://bugzilla.suse.com/1179399", }, { category: "external", summary: "SUSE Bug 1186108 for CVE-2020-8231", url: "https://bugzilla.suse.com/1186108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-8231", }, { cve: "CVE-2020-8284", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8284", }, ], notes: [ { category: "general", text: "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8284", url: "https://www.suse.com/security/cve/CVE-2020-8284", }, { category: "external", summary: "SUSE Bug 1179398 for CVE-2020-8284", url: "https://bugzilla.suse.com/1179398", }, { category: "external", summary: "SUSE Bug 1179399 for CVE-2020-8284", url: "https://bugzilla.suse.com/1179399", }, { category: "external", summary: "SUSE Bug 1186108 for CVE-2020-8284", url: "https://bugzilla.suse.com/1186108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8284", }, { cve: "CVE-2020-8285", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8285", }, ], notes: [ { category: "general", text: "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8285", url: "https://www.suse.com/security/cve/CVE-2020-8285", }, { category: "external", summary: "SUSE Bug 1179399 for CVE-2020-8285", url: "https://bugzilla.suse.com/1179399", }, { category: "external", summary: "SUSE Bug 1186108 for CVE-2020-8285", url: "https://bugzilla.suse.com/1186108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8285", }, { cve: "CVE-2020-8286", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8286", }, ], notes: [ { category: "general", text: "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8286", url: "https://www.suse.com/security/cve/CVE-2020-8286", }, { category: "external", summary: "SUSE Bug 1179593 for CVE-2020-8286", url: "https://bugzilla.suse.com/1179593", }, { category: "external", summary: "SUSE Bug 1186108 for CVE-2020-8286", url: "https://bugzilla.suse.com/1186108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8286", }, { cve: "CVE-2021-22297", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22297", }, ], notes: [ { category: "general", text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22297", url: "https://www.suse.com/security/cve/CVE-2021-22297", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22297", }, { cve: "CVE-2021-22298", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22298", }, ], notes: [ { category: "general", text: "There is a logic vulnerability in Huawei Gauss100 OLTP Product. An attacker with certain permissions could perform specific SQL statement to exploit this vulnerability. Due to insufficient security design, successful exploit can cause service abnormal. Affected product versions include: ManageOne versions 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, 6.5.1.SPC100.B050, 6.5.1.SPC101.B010, 6.5.1.SPC101.B040, 6.5.1.SPC200, 6.5.1.SPC200.B010, 6.5.1.SPC200.B030, 6.5.1.SPC200.B040, 6.5.1.SPC200.B050, 6.5.1.SPC200.B060, 6.5.1.SPC200.B070, 6.5.1RC1.B070, 6.5.1RC1.B080, 6.5.1RC2.B040, 6.5.1RC2.B050, 6.5.1RC2.B060, 6.5.1RC2.B070, 6.5.1RC2.B080, 6.5.1RC2.B090.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22298", url: "https://www.suse.com/security/cve/CVE-2021-22298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22298", }, { cve: "CVE-2021-22876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22876", }, ], notes: [ { category: "general", text: "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22876", url: "https://www.suse.com/security/cve/CVE-2021-22876", }, { category: "external", summary: "SUSE Bug 1183933 for CVE-2021-22876", url: "https://bugzilla.suse.com/1183933", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22876", }, { cve: "CVE-2021-22890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22890", }, ], notes: [ { category: "general", text: "curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly \"short-cut\" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22890", url: "https://www.suse.com/security/cve/CVE-2021-22890", }, { category: "external", summary: "SUSE Bug 1183934 for CVE-2021-22890", url: "https://bugzilla.suse.com/1183934", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2021-22890", }, { cve: "CVE-2021-22898", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22898", }, ], notes: [ { category: "general", text: "curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22898", url: "https://www.suse.com/security/cve/CVE-2021-22898", }, { category: "external", summary: "SUSE Bug 1186114 for CVE-2021-22898", url: "https://bugzilla.suse.com/1186114", }, { category: "external", summary: "SUSE Bug 1192450 for CVE-2021-22898", url: "https://bugzilla.suse.com/1192450", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22898", }, { cve: "CVE-2021-22901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22901", }, ], notes: [ { category: "general", text: "curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22901", url: "https://www.suse.com/security/cve/CVE-2021-22901", }, { category: "external", summary: "SUSE Bug 1186115 for CVE-2021-22901", url: "https://bugzilla.suse.com/1186115", }, { category: "external", summary: "SUSE Bug 1188549 for CVE-2021-22901", url: "https://bugzilla.suse.com/1188549", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-22901", }, { cve: "CVE-2021-22922", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22922", }, ], notes: [ { category: "general", text: "When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22922", url: "https://www.suse.com/security/cve/CVE-2021-22922", }, { category: "external", summary: "SUSE Bug 1188217 for CVE-2021-22922", url: "https://bugzilla.suse.com/1188217", }, { category: "external", summary: "SUSE Bug 1192447 for CVE-2021-22922", url: "https://bugzilla.suse.com/1192447", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22922", }, { cve: "CVE-2021-22924", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22924", }, ], notes: [ { category: "general", text: "libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22924", url: "https://www.suse.com/security/cve/CVE-2021-22924", }, { category: "external", summary: "SUSE Bug 1188219 for CVE-2021-22924", url: "https://bugzilla.suse.com/1188219", }, { category: "external", summary: "SUSE Bug 1192447 for CVE-2021-22924", url: "https://bugzilla.suse.com/1192447", }, { category: "external", summary: "SUSE Bug 1200196 for CVE-2021-22924", url: "https://bugzilla.suse.com/1200196", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22924", }, { cve: "CVE-2021-22945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22945", }, ], notes: [ { category: "general", text: "When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22945", url: "https://www.suse.com/security/cve/CVE-2021-22945", }, { category: "external", summary: "SUSE Bug 1190213 for CVE-2021-22945", url: "https://bugzilla.suse.com/1190213", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22945", }, { cve: "CVE-2021-22946", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22946", }, ], notes: [ { category: "general", text: "A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22946", url: "https://www.suse.com/security/cve/CVE-2021-22946", }, { category: "external", summary: "SUSE Bug 1190373 for CVE-2021-22946", url: "https://bugzilla.suse.com/1190373", }, { category: "external", summary: "SUSE Bug 1194948 for CVE-2021-22946", url: "https://bugzilla.suse.com/1194948", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22946", }, { cve: "CVE-2021-22947", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22947", }, ], notes: [ { category: "general", text: "When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22947", url: "https://www.suse.com/security/cve/CVE-2021-22947", }, { category: "external", summary: "SUSE Bug 1190374 for CVE-2021-22947", url: "https://bugzilla.suse.com/1190374", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:curl-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:curl-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:curl-7.79.1-1.1.s390x", "openSUSE Tumbleweed:curl-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl-devel-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-32bit-7.79.1-1.1.x86_64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.aarch64", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.ppc64le", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.s390x", "openSUSE Tumbleweed:libcurl4-7.79.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22947", }, ], }
opensuse-su-2019:0174-1
Vulnerability from csaf_opensuse
Published
2019-03-23 10:58
Modified
2019-03-23 10:58
Summary
Security update for curl
Notes
Title of the patch
Security update for curl
Description of the patch
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).
- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).
- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-174
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for curl", title: "Title of the patch", }, { category: "description", text: "This update for curl fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).\n- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).\n- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2019-174", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_0174-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2019:0174-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DRDOZ4FJSPSJNNQSD2FOPKFCVGMYT4J2/#DRDOZ4FJSPSJNNQSD2FOPKFCVGMYT4J2", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2019:0174-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DRDOZ4FJSPSJNNQSD2FOPKFCVGMYT4J2/#DRDOZ4FJSPSJNNQSD2FOPKFCVGMYT4J2", }, { category: "self", summary: "SUSE Bug 1123371", url: "https://bugzilla.suse.com/1123371", }, { category: "self", summary: "SUSE Bug 1123377", url: "https://bugzilla.suse.com/1123377", }, { category: "self", summary: "SUSE Bug 1123378", url: "https://bugzilla.suse.com/1123378", }, { category: "self", summary: "SUSE CVE CVE-2018-16890 page", url: "https://www.suse.com/security/cve/CVE-2018-16890/", }, { category: "self", summary: "SUSE CVE CVE-2019-3822 page", url: "https://www.suse.com/security/cve/CVE-2019-3822/", }, { category: "self", summary: "SUSE CVE CVE-2019-3823 page", url: "https://www.suse.com/security/cve/CVE-2019-3823/", }, ], title: "Security update for curl", tracking: { current_release_date: "2019-03-23T10:58:25Z", generator: { date: "2019-03-23T10:58:25Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2019:0174-1", initial_release_date: "2019-03-23T10:58:25Z", revision_history: [ { date: "2019-03-23T10:58:25Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "curl-7.60.0-lp150.2.18.1.i586", product: { name: "curl-7.60.0-lp150.2.18.1.i586", product_id: "curl-7.60.0-lp150.2.18.1.i586", }, }, { category: "product_version", name: "curl-mini-7.60.0-lp150.2.18.1.i586", product: { name: "curl-mini-7.60.0-lp150.2.18.1.i586", product_id: "curl-mini-7.60.0-lp150.2.18.1.i586", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-lp150.2.18.1.i586", product: { name: "libcurl-devel-7.60.0-lp150.2.18.1.i586", product_id: "libcurl-devel-7.60.0-lp150.2.18.1.i586", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", product: { name: "libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", product_id: "libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", }, }, { category: "product_version", name: "libcurl4-7.60.0-lp150.2.18.1.i586", product: { name: "libcurl4-7.60.0-lp150.2.18.1.i586", product_id: "libcurl4-7.60.0-lp150.2.18.1.i586", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-lp150.2.18.1.i586", product: { name: "libcurl4-mini-7.60.0-lp150.2.18.1.i586", product_id: "libcurl4-mini-7.60.0-lp150.2.18.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "curl-7.60.0-lp150.2.18.1.x86_64", product: { name: "curl-7.60.0-lp150.2.18.1.x86_64", product_id: "curl-7.60.0-lp150.2.18.1.x86_64", }, }, { category: "product_version", name: "curl-mini-7.60.0-lp150.2.18.1.x86_64", product: { name: "curl-mini-7.60.0-lp150.2.18.1.x86_64", product_id: "curl-mini-7.60.0-lp150.2.18.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-lp150.2.18.1.x86_64", product: { name: "libcurl-devel-7.60.0-lp150.2.18.1.x86_64", product_id: "libcurl-devel-7.60.0-lp150.2.18.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", product: { name: "libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", product_id: "libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", product: { name: "libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", product_id: "libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", }, }, { category: "product_version", name: "libcurl4-7.60.0-lp150.2.18.1.x86_64", product: { name: "libcurl4-7.60.0-lp150.2.18.1.x86_64", product_id: "libcurl4-7.60.0-lp150.2.18.1.x86_64", }, }, { category: "product_version", name: "libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", product: { name: "libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", product_id: "libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", product: { name: "libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", product_id: "libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.0", product: { name: "openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.0", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-7.60.0-lp150.2.18.1.i586 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", }, product_reference: "curl-7.60.0-lp150.2.18.1.i586", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-lp150.2.18.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", }, product_reference: "curl-7.60.0-lp150.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "curl-mini-7.60.0-lp150.2.18.1.i586 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", }, product_reference: "curl-mini-7.60.0-lp150.2.18.1.i586", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "curl-mini-7.60.0-lp150.2.18.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", }, product_reference: "curl-mini-7.60.0-lp150.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-lp150.2.18.1.i586 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", }, product_reference: "libcurl-devel-7.60.0-lp150.2.18.1.i586", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-lp150.2.18.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", }, product_reference: "libcurl-devel-7.60.0-lp150.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", }, product_reference: "libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-mini-devel-7.60.0-lp150.2.18.1.i586 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", }, product_reference: "libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", }, product_reference: "libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-lp150.2.18.1.i586 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", }, product_reference: "libcurl4-7.60.0-lp150.2.18.1.i586", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-lp150.2.18.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", }, product_reference: "libcurl4-7.60.0-lp150.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", }, product_reference: "libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl4-mini-7.60.0-lp150.2.18.1.i586 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", }, product_reference: "libcurl4-mini-7.60.0-lp150.2.18.1.i586", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libcurl4-mini-7.60.0-lp150.2.18.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", }, product_reference: "libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-16890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16890", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16890", url: "https://www.suse.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "SUSE Bug 1123371 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123371", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2018-16890", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-03-23T10:58:25Z", details: "low", }, ], title: "CVE-2018-16890", }, { cve: "CVE-2019-3822", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3822", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3822", url: "https://www.suse.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "SUSE Bug 1123377 for CVE-2019-3822", url: "https://bugzilla.suse.com/1123377", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3822", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-03-23T10:58:25Z", details: "important", }, ], title: "CVE-2019-3822", }, { cve: "CVE-2019-3823", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3823", }, ], notes: [ { category: "general", text: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3823", url: "https://www.suse.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2019-3823", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1126909 for CVE-2019-3823", url: "https://bugzilla.suse.com/1126909", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3823", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:curl-mini-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl-mini-devel-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-32bit-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-7.60.0-lp150.2.18.1.x86_64", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.i586", "openSUSE Leap 15.0:libcurl4-mini-7.60.0-lp150.2.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-03-23T10:58:25Z", details: "moderate", }, ], title: "CVE-2019-3823", }, ], }
RHSA-2019:3701
Vulnerability from csaf_redhat
Published
2019-11-05 22:28
Modified
2025-03-17 01:13
Summary
Red Hat Security Advisory: curl security and bug fix update
Notes
Topic
An update for curl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)
* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)
* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)
* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for curl is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)\n\n* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)\n\n* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)\n\n* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:3701", url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", }, { category: "external", summary: "1662705", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1662705", }, { category: "external", summary: "1669156", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669156", }, { category: "external", summary: "1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3701.json", }, ], title: "Red Hat Security Advisory: curl security and bug fix update", tracking: { current_release_date: "2025-03-17T01:13:48+00:00", generator: { date: "2025-03-17T01:13:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2019:3701", initial_release_date: "2019-11-05T22:28:38+00:00", revision_history: [ { date: "2019-11-05T22:28:38+00:00", number: "1", summary: "Initial version", }, { date: "2019-11-05T22:28:38+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-17T01:13:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux BaseOS (v. 8)", product: { name: "Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:8::baseos", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.aarch64", product: { name: "curl-0:7.61.1-11.el8.aarch64", product_id: "curl-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-0:7.61.1-11.el8.aarch64", product_id: "libcurl-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.aarch64", product: { name: "curl-debugsource-0:7.61.1-11.el8.aarch64", product_id: "curl-debugsource-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product_id: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-devel-0:7.61.1-11.el8.aarch64", product_id: "libcurl-devel-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.x86_64", product: { name: "curl-0:7.61.1-11.el8.x86_64", product_id: "curl-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-0:7.61.1-11.el8.x86_64", product_id: "libcurl-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.x86_64", product: { name: "curl-debugsource-0:7.61.1-11.el8.x86_64", product_id: "curl-debugsource-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product_id: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-devel-0:7.61.1-11.el8.x86_64", product_id: "libcurl-devel-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "libcurl-0:7.61.1-11.el8.i686", product: { name: "libcurl-0:7.61.1-11.el8.i686", product_id: "libcurl-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.i686", product: { name: "curl-debuginfo-0:7.61.1-11.el8.i686", product_id: "curl-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.i686", product: { name: "curl-debugsource-0:7.61.1-11.el8.i686", product_id: "curl-debugsource-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.i686", product: { name: "libcurl-minimal-0:7.61.1-11.el8.i686", product_id: "libcurl-minimal-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.i686", product: { name: "libcurl-devel-0:7.61.1-11.el8.i686", product_id: "libcurl-devel-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.s390x", product: { name: "curl-0:7.61.1-11.el8.s390x", product_id: "curl-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.s390x", product: { name: "libcurl-0:7.61.1-11.el8.s390x", product_id: "libcurl-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "curl-debuginfo-0:7.61.1-11.el8.s390x", product_id: "curl-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.s390x", product: { name: "curl-debugsource-0:7.61.1-11.el8.s390x", product_id: "curl-debugsource-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.s390x", product: { name: "libcurl-minimal-0:7.61.1-11.el8.s390x", product_id: "libcurl-minimal-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.s390x", product: { name: "libcurl-devel-0:7.61.1-11.el8.s390x", product_id: "libcurl-devel-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.src", product: { name: "curl-0:7.61.1-11.el8.src", product_id: "curl-0:7.61.1-11.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.ppc64le", product: { name: "curl-0:7.61.1-11.el8.ppc64le", product_id: "curl-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product: { name: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product_id: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", }, product_reference: "curl-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", }, product_reference: "curl-0:7.61.1-11.el8.src", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16890", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670252", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled NTLMv2 type-2 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLM type-2 heap out-of-bounds buffer read", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-2 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "RHBZ#1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16890", url: "https://www.cve.org/CVERecord?id=CVE-2018-16890", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16890.html", url: "https://curl.haxx.se/docs/CVE-2018-16890.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLM type-2 heap out-of-bounds buffer read", }, { cve: "CVE-2018-20483", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-12-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1662705", }, ], notes: [ { category: "description", text: "set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.", title: "Vulnerability description", }, { category: "summary", text: "wget: Information exposure in set_file_metadata function in xattr.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20483", }, { category: "external", summary: "RHBZ#1662705", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1662705", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20483", url: "https://www.cve.org/CVERecord?id=CVE-2018-20483", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20483", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20483", }, { category: "external", summary: "http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS", url: "http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS", }, ], release_date: "2018-12-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "wget users should pass credentials using the \"--user/password\" or the \"--user/--ask-password\" command line argument to wget or use --no-xattr to turn off saving extended attribute information. In curl downloading extended attributes is disabled by default.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wget: Information exposure in set_file_metadata function in xattr.c", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670254", }, ], notes: [ { category: "description", text: "A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLMv2 type-3 header stack buffer overflow", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-3 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "RHBZ#1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3822", url: "https://www.cve.org/CVERecord?id=CVE-2019-3822", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3822.html", url: "https://curl.haxx.se/docs/CVE-2019-3822.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLMv2 type-3 header stack buffer overflow", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670256", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled certain SMTP responses. A remote attacker could use this flaw to crash curl.", title: "Vulnerability description", }, { category: "summary", text: "curl: SMTP end-of-response out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "RHBZ#1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3823", url: "https://www.cve.org/CVERecord?id=CVE-2019-3823", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3823.html", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Do not use SMTP authentication with curl", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: SMTP end-of-response out-of-bounds read", }, ], }
rhsa-2019:3701
Vulnerability from csaf_redhat
Published
2019-11-05 22:28
Modified
2025-03-17 01:13
Summary
Red Hat Security Advisory: curl security and bug fix update
Notes
Topic
An update for curl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)
* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)
* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)
* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for curl is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)\n\n* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)\n\n* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)\n\n* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:3701", url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", }, { category: "external", summary: "1662705", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1662705", }, { category: "external", summary: "1669156", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669156", }, { category: "external", summary: "1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3701.json", }, ], title: "Red Hat Security Advisory: curl security and bug fix update", tracking: { current_release_date: "2025-03-17T01:13:48+00:00", generator: { date: "2025-03-17T01:13:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2019:3701", initial_release_date: "2019-11-05T22:28:38+00:00", revision_history: [ { date: "2019-11-05T22:28:38+00:00", number: "1", summary: "Initial version", }, { date: "2019-11-05T22:28:38+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-17T01:13:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux BaseOS (v. 8)", product: { name: "Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:8::baseos", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.aarch64", product: { name: "curl-0:7.61.1-11.el8.aarch64", product_id: "curl-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-0:7.61.1-11.el8.aarch64", product_id: "libcurl-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.aarch64", product: { name: "curl-debugsource-0:7.61.1-11.el8.aarch64", product_id: "curl-debugsource-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product_id: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-devel-0:7.61.1-11.el8.aarch64", product_id: "libcurl-devel-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.x86_64", product: { name: "curl-0:7.61.1-11.el8.x86_64", product_id: "curl-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-0:7.61.1-11.el8.x86_64", product_id: "libcurl-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.x86_64", product: { name: "curl-debugsource-0:7.61.1-11.el8.x86_64", product_id: "curl-debugsource-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product_id: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-devel-0:7.61.1-11.el8.x86_64", product_id: "libcurl-devel-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "libcurl-0:7.61.1-11.el8.i686", product: { name: "libcurl-0:7.61.1-11.el8.i686", product_id: "libcurl-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.i686", product: { name: "curl-debuginfo-0:7.61.1-11.el8.i686", product_id: "curl-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.i686", product: { name: "curl-debugsource-0:7.61.1-11.el8.i686", product_id: "curl-debugsource-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.i686", product: { name: "libcurl-minimal-0:7.61.1-11.el8.i686", product_id: "libcurl-minimal-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.i686", product: { name: "libcurl-devel-0:7.61.1-11.el8.i686", product_id: "libcurl-devel-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.s390x", product: { name: "curl-0:7.61.1-11.el8.s390x", product_id: "curl-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.s390x", product: { name: "libcurl-0:7.61.1-11.el8.s390x", product_id: "libcurl-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "curl-debuginfo-0:7.61.1-11.el8.s390x", product_id: "curl-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.s390x", product: { name: "curl-debugsource-0:7.61.1-11.el8.s390x", product_id: "curl-debugsource-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.s390x", product: { name: "libcurl-minimal-0:7.61.1-11.el8.s390x", product_id: "libcurl-minimal-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.s390x", product: { name: "libcurl-devel-0:7.61.1-11.el8.s390x", product_id: "libcurl-devel-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.src", product: { name: "curl-0:7.61.1-11.el8.src", product_id: "curl-0:7.61.1-11.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.ppc64le", product: { name: "curl-0:7.61.1-11.el8.ppc64le", product_id: "curl-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product: { name: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product_id: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", }, product_reference: "curl-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", }, product_reference: "curl-0:7.61.1-11.el8.src", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16890", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670252", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled NTLMv2 type-2 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLM type-2 heap out-of-bounds buffer read", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-2 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "RHBZ#1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16890", url: "https://www.cve.org/CVERecord?id=CVE-2018-16890", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16890.html", url: "https://curl.haxx.se/docs/CVE-2018-16890.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLM type-2 heap out-of-bounds buffer read", }, { cve: "CVE-2018-20483", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-12-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1662705", }, ], notes: [ { category: "description", text: "set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.", title: "Vulnerability description", }, { category: "summary", text: "wget: Information exposure in set_file_metadata function in xattr.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20483", }, { category: "external", summary: "RHBZ#1662705", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1662705", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20483", url: "https://www.cve.org/CVERecord?id=CVE-2018-20483", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20483", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20483", }, { category: "external", summary: "http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS", url: "http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS", }, ], release_date: "2018-12-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "wget users should pass credentials using the \"--user/password\" or the \"--user/--ask-password\" command line argument to wget or use --no-xattr to turn off saving extended attribute information. In curl downloading extended attributes is disabled by default.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wget: Information exposure in set_file_metadata function in xattr.c", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670254", }, ], notes: [ { category: "description", text: "A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLMv2 type-3 header stack buffer overflow", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-3 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "RHBZ#1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3822", url: "https://www.cve.org/CVERecord?id=CVE-2019-3822", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3822.html", url: "https://curl.haxx.se/docs/CVE-2019-3822.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLMv2 type-3 header stack buffer overflow", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670256", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled certain SMTP responses. A remote attacker could use this flaw to crash curl.", title: "Vulnerability description", }, { category: "summary", text: "curl: SMTP end-of-response out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "RHBZ#1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3823", url: "https://www.cve.org/CVERecord?id=CVE-2019-3823", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3823.html", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Do not use SMTP authentication with curl", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: SMTP end-of-response out-of-bounds read", }, ], }
rhsa-2019_1543
Vulnerability from csaf_redhat
Published
2019-06-18 19:08
Modified
2024-11-22 13:00
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 2 packages for Microsoft Windows and Oracle Solaris are now available.
Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release.
Security Fix(es):
* openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)
* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)
* libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service (CVE-2018-14404)
* curl: Out-of-bounds read in code handling HTTP/2 trailers (CVE-2018-1000005)
* curl: HTTP authentication leak in redirects (CVE-2018-1000007)
* curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)
* curl: RTSP RTP buffer over-read (CVE-2018-1000122)
* httpd: privilege escalation from modules scripts (CVE-2019-0211)
Details around these issues, including information about CVEs, severity of the issues, and CVSS scores can be found on the CVE pages listed in the References section below.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 2 packages for Microsoft Windows and Oracle Solaris are now available.\n\nRed Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release.\n\nSecurity Fix(es):\n\n* openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)\n\n* libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service (CVE-2018-14404)\n\n* curl: Out-of-bounds read in code handling HTTP/2 trailers (CVE-2018-1000005)\n\n* curl: HTTP authentication leak in redirects (CVE-2018-1000007)\n\n* curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)\n\n* curl: RTSP RTP buffer over-read (CVE-2018-1000122)\n\n* httpd: privilege escalation from modules scripts (CVE-2019-0211)\n\nDetails around these issues, including information about CVEs, severity of the issues, and CVSS scores can be found on the CVE pages listed in the References section below.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:1543", url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.29", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.29", }, { category: "external", summary: "1536013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1536013", }, { category: "external", summary: "1537125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", }, { category: "external", summary: "1552628", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", }, { category: "external", summary: "1553398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", }, { category: "external", summary: "1591100", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591100", }, { category: "external", summary: "1591163", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591163", }, { category: "external", summary: "1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "1694980", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694980", }, { category: "external", summary: "JBCS-722", url: "https://issues.redhat.com/browse/JBCS-722", }, { category: "external", summary: "JBCS-750", url: "https://issues.redhat.com/browse/JBCS-750", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1543.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update", tracking: { current_release_date: "2024-11-22T13:00:03+00:00", generator: { date: "2024-11-22T13:00:03+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:1543", initial_release_date: "2019-06-18T19:08:49+00:00", revision_history: [ { date: "2019-06-18T19:08:49+00:00", number: "1", summary: "Initial version", }, { date: "2019-06-18T19:08:49+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T13:00:03+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product: { name: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product_id: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2018-0495", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-06-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1591163", }, ], notes: [ { category: "description", text: "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.", title: "Vulnerability description", }, { category: "summary", text: "ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries", title: "Vulnerability summary", }, { category: "other", text: "Since the 5.8.3 release, Red Hat CloudForms no longer uses libtomcrypt.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-0495", }, { category: "external", summary: "RHBZ#1591163", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591163", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-0495", url: "https://www.cve.org/CVERecord?id=CVE-2018-0495", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-0495", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-0495", }, { category: "external", summary: "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/", url: "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries", }, { cve: "CVE-2018-0732", cwe: { id: "CWE-325", name: "Missing Cryptographic Step", }, discovery_date: "2018-06-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1591100", }, ], notes: [ { category: "description", text: "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).", title: "Vulnerability description", }, { category: "summary", text: "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-0732", }, { category: "external", summary: "RHBZ#1591100", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591100", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-0732", url: "https://www.cve.org/CVERecord?id=CVE-2018-0732", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-0732", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-0732", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20180612.txt", url: "https://www.openssl.org/news/secadv/20180612.txt", }, ], release_date: "2018-06-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Harry Sintonen", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16839", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-10-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1642201", }, ], notes: [ { category: "description", text: "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.", title: "Vulnerability description", }, { category: "summary", text: "curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16839", }, { category: "external", summary: "RHBZ#1642201", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642201", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16839", url: "https://www.cve.org/CVERecord?id=CVE-2018-16839", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16839", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16839", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16839.html", url: "https://curl.haxx.se/docs/CVE-2018-16839.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message()", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16840", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2018-10-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1642203", }, ], notes: [ { category: "description", text: "A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.", title: "Vulnerability description", }, { category: "summary", text: "curl: Use-after-free when closing \"easy\" handle in Curl_close()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16840", }, { category: "external", summary: "RHBZ#1642203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642203", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16840", url: "https://www.cve.org/CVERecord?id=CVE-2018-16840", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16840", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16840", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16840.html", url: "https://curl.haxx.se/docs/CVE-2018-16840.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Use-after-free when closing \"easy\" handle in Curl_close()", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16842", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1644124", }, ], notes: [ { category: "description", text: "Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.", title: "Vulnerability description", }, { category: "summary", text: "curl: Heap-based buffer over-read in the curl tool warning formatting", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16842", }, { category: "external", summary: "RHBZ#1644124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1644124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16842", url: "https://www.cve.org/CVERecord?id=CVE-2018-16842", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16842", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16842", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16842.html", url: "https://curl.haxx.se/docs/CVE-2018-16842.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Heap-based buffer over-read in the curl tool warning formatting", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16890", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670252", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled NTLMv2 type-2 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLM type-2 heap out-of-bounds buffer read", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-2 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "RHBZ#1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16890", url: "https://www.cve.org/CVERecord?id=CVE-2018-16890", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16890.html", url: "https://curl.haxx.se/docs/CVE-2018-16890.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLM type-2 heap out-of-bounds buffer read", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Zhouyihai Ding", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000005", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-01-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1536013", }, ], notes: [ { category: "description", text: "libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.", title: "Vulnerability description", }, { category: "summary", text: "curl: Out-of-bounds read in code handling HTTP/2 trailers", title: "Vulnerability summary", }, { category: "other", text: "This flaw was introduced in curl-7.49.0. Therefore the versions of curl shipped with Red Hat Enterprise Linux 5, 6 and 7 and Red Hat Ceph Storage 2 are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000005", }, { category: "external", summary: "RHBZ#1536013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1536013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000005", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000005", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000005", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000005", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-824a.html", url: "https://curl.haxx.se/docs/adv_2018-824a.html", }, ], release_date: "2018-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Out-of-bounds read in code handling HTTP/2 trailers", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Craig de Stigter", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000007", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1537125", }, ], notes: [ { category: "description", text: "It was found that curl and libcurl might send their Authentication header to a third party HTTP server upon receiving an HTTP REDIRECT reply. This could leak authentication token to external entities.", title: "Vulnerability description", }, { category: "summary", text: "curl: HTTP authentication leak in redirects", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5, 6, and 7, as well as the versions of httpd24-curl as shipped with Red Hat Software Collections. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000007", }, { category: "external", summary: "RHBZ#1537125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000007", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000007", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000007", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000007", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-b3bf.html", url: "https://curl.haxx.se/docs/adv_2018-b3bf.html", }, ], release_date: "2018-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "By default, curl and libcurl will not follow redirect requests.\nThis flaw happens only when curl or libcurl are explicitly requested to follow redirects (option --location in curl, and CURLOPT_FOLLOWLOCATION in libcurl).\nTo mitigate this, it is possible to prevent the automated following of redirects, replacing it by manual redirects (and remove the authentication header), for example.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: HTTP authentication leak in redirects", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Duy Phan Thanh", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000120", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2018-03-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1552628", }, ], notes: [ { category: "description", text: "It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior.", title: "Vulnerability description", }, { category: "summary", text: "curl: FTP path trickery leads to NIL byte out of bounds write", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000120", }, { category: "external", summary: "RHBZ#1552628", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000120", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000120", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-9cd6.html", url: "https://curl.haxx.se/docs/adv_2018-9cd6.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Preventing application from using non-default CURLOPT_FTP_FILEMETHOD will avoid triggering the vulnerable code.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: FTP path trickery leads to NIL byte out of bounds write", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Dario Weisser", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000121", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-03-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1552631", }, ], notes: [ { category: "description", text: "A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldap_get_attribute_ber() function. A malicious LDAP server could use this flaw to crash a libcurl client application via a specially crafted LDAP reply.", title: "Vulnerability description", }, { category: "summary", text: "curl: LDAP NULL pointer dereference", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000121", }, { category: "external", summary: "RHBZ#1552631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000121", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000121", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-97a2.html", url: "https://curl.haxx.se/docs/adv_2018-97a2.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: LDAP NULL pointer dereference", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Max Dymond", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000122", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-03-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1553398", }, ], notes: [ { category: "description", text: "A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage", title: "Vulnerability description", }, { category: "summary", text: "curl: RTSP RTP buffer over-read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000122", }, { category: "external", summary: "RHBZ#1553398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000122", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000122", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-b047.html", url: "https://curl.haxx.se/docs/adv_2018-b047.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: RTSP RTP buffer over-read", }, { cve: "CVE-2019-0211", cwe: { id: "CWE-250", name: "Execution with Unnecessary Privileges", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1694980", }, ], notes: [ { category: "description", text: "A flaw was found in Apache where code executing in a less-privileged child process or thread could execute arbitrary code with the privilege of the parent process (usually root). An attacker having access to run arbitrary scripts on the web server (PHP, CGI etc) could use this flaw to run code on the web server with root privileges.", title: "Vulnerability description", }, { category: "summary", text: "httpd: privilege escalation from modules scripts", title: "Vulnerability summary", }, { category: "other", text: "This flaw is exploitable in httpd if it is configured to allow an untrusted user to upload and execute arbitrary scripts. Due to the nature of the flaw, the uploaded script would not run as a restricted privileged user, but rather it runs as root allowing for privilege escalation from the restricted user to root on the web server. \n\nDepending on the configuration of the server, you would need local (AV:L) privileges to place the script or network (AV:N) privileges if the server ran an application that permitted uploading scripts directly. The latter scenario is not common for unauthenticated users. Once the attacker can place the script somewhere in the web root where it can be easily exploited (AC:L). This type of setup is more common in shared hosted environments (PR:L) and would allow an attacker with access to a site on the shared hosted to impact the confidentiality, integrity, and availability (CIA:H) with no interaction (UI:N). Due to the elevated privileges obtained, there is an impact to the system beyond the web server itself (S:C).", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0211", }, { category: "external", summary: "RHBZ#1694980", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694980", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0211", url: "https://www.cve.org/CVERecord?id=CVE-2019-0211", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0211", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0211", }, { category: "external", summary: "http://www.apache.org/dist/httpd/CHANGES_2.4", url: "http://www.apache.org/dist/httpd/CHANGES_2.4", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2019-04-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "exploit_status", date: "2021-11-03T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "httpd: privilege escalation from modules scripts", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670254", }, ], notes: [ { category: "description", text: "A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLMv2 type-3 header stack buffer overflow", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-3 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "RHBZ#1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3822", url: "https://www.cve.org/CVERecord?id=CVE-2019-3822", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3822.html", url: "https://curl.haxx.se/docs/CVE-2019-3822.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLMv2 type-3 header stack buffer overflow", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670256", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled certain SMTP responses. A remote attacker could use this flaw to crash curl.", title: "Vulnerability description", }, { category: "summary", text: "curl: SMTP end-of-response out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "RHBZ#1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3823", url: "https://www.cve.org/CVERecord?id=CVE-2019-3823", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3823.html", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Do not use SMTP authentication with curl", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: SMTP end-of-response out-of-bounds read", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, ], }
rhsa-2019_3701
Vulnerability from csaf_redhat
Published
2019-11-05 22:28
Modified
2024-11-22 13:17
Summary
Red Hat Security Advisory: curl security and bug fix update
Notes
Topic
An update for curl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)
* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)
* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)
* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for curl is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)\n\n* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)\n\n* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)\n\n* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:3701", url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", }, { category: "external", summary: "1662705", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1662705", }, { category: "external", summary: "1669156", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669156", }, { category: "external", summary: "1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3701.json", }, ], title: "Red Hat Security Advisory: curl security and bug fix update", tracking: { current_release_date: "2024-11-22T13:17:19+00:00", generator: { date: "2024-11-22T13:17:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:3701", initial_release_date: "2019-11-05T22:28:38+00:00", revision_history: [ { date: "2019-11-05T22:28:38+00:00", number: "1", summary: "Initial version", }, { date: "2019-11-05T22:28:38+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T13:17:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux BaseOS (v. 8)", product: { name: "Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:8::baseos", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.aarch64", product: { name: "curl-0:7.61.1-11.el8.aarch64", product_id: "curl-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-0:7.61.1-11.el8.aarch64", product_id: "libcurl-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "curl-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.aarch64", product: { name: "curl-debugsource-0:7.61.1-11.el8.aarch64", product_id: "curl-debugsource-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product_id: "libcurl-minimal-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-devel-0:7.61.1-11.el8.aarch64", product_id: "libcurl-devel-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=aarch64", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.x86_64", product: { name: "curl-0:7.61.1-11.el8.x86_64", product_id: "curl-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-0:7.61.1-11.el8.x86_64", product_id: "libcurl-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "curl-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.x86_64", product: { name: "curl-debugsource-0:7.61.1-11.el8.x86_64", product_id: "curl-debugsource-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product_id: "libcurl-minimal-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-devel-0:7.61.1-11.el8.x86_64", product_id: "libcurl-devel-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "libcurl-0:7.61.1-11.el8.i686", product: { name: "libcurl-0:7.61.1-11.el8.i686", product_id: "libcurl-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.i686", product: { name: "curl-debuginfo-0:7.61.1-11.el8.i686", product_id: "curl-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.i686", product: { name: "curl-debugsource-0:7.61.1-11.el8.i686", product_id: "curl-debugsource-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.i686", product: { name: "libcurl-minimal-0:7.61.1-11.el8.i686", product_id: "libcurl-minimal-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.i686", product: { name: "libcurl-devel-0:7.61.1-11.el8.i686", product_id: "libcurl-devel-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=i686", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.s390x", product: { name: "curl-0:7.61.1-11.el8.s390x", product_id: "curl-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.s390x", product: { name: "libcurl-0:7.61.1-11.el8.s390x", product_id: "libcurl-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "curl-debuginfo-0:7.61.1-11.el8.s390x", product_id: "curl-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.s390x", product: { name: "curl-debugsource-0:7.61.1-11.el8.s390x", product_id: "curl-debugsource-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.s390x", product: { name: "libcurl-minimal-0:7.61.1-11.el8.s390x", product_id: "libcurl-minimal-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.s390x", product: { name: "libcurl-devel-0:7.61.1-11.el8.s390x", product_id: "libcurl-devel-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=s390x", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.src", product: { name: "curl-0:7.61.1-11.el8.src", product_id: "curl-0:7.61.1-11.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "curl-0:7.61.1-11.el8.ppc64le", product: { name: "curl-0:7.61.1-11.el8.ppc64le", product_id: "curl-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-minimal-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product: { name: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product_id: "curl-debugsource-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/curl-debugsource@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-devel-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-devel@7.61.1-11.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_id: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libcurl-minimal-debuginfo@7.61.1-11.el8?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", }, product_reference: "curl-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", }, product_reference: "curl-0:7.61.1-11.el8.src", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-debugsource-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-debugsource-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-devel-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-minimal-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", }, product_reference: "libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16890", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670252", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled NTLMv2 type-2 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLM type-2 heap out-of-bounds buffer read", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-2 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "RHBZ#1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16890", url: "https://www.cve.org/CVERecord?id=CVE-2018-16890", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16890.html", url: "https://curl.haxx.se/docs/CVE-2018-16890.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLM type-2 heap out-of-bounds buffer read", }, { cve: "CVE-2018-20483", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-12-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1662705", }, ], notes: [ { category: "description", text: "set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.", title: "Vulnerability description", }, { category: "summary", text: "wget: Information exposure in set_file_metadata function in xattr.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20483", }, { category: "external", summary: "RHBZ#1662705", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1662705", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20483", url: "https://www.cve.org/CVERecord?id=CVE-2018-20483", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20483", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20483", }, { category: "external", summary: "http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS", url: "http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS", }, ], release_date: "2018-12-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "wget users should pass credentials using the \"--user/password\" or the \"--user/--ask-password\" command line argument to wget or use --no-xattr to turn off saving extended attribute information. In curl downloading extended attributes is disabled by default.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wget: Information exposure in set_file_metadata function in xattr.c", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670254", }, ], notes: [ { category: "description", text: "A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLMv2 type-3 header stack buffer overflow", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-3 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "RHBZ#1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3822", url: "https://www.cve.org/CVERecord?id=CVE-2019-3822", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3822.html", url: "https://curl.haxx.se/docs/CVE-2019-3822.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLMv2 type-3 header stack buffer overflow", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670256", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled certain SMTP responses. A remote attacker could use this flaw to crash curl.", title: "Vulnerability description", }, { category: "summary", text: "curl: SMTP end-of-response out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "RHBZ#1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3823", url: "https://www.cve.org/CVERecord?id=CVE-2019-3823", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3823.html", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:28:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { category: "workaround", details: "Do not use SMTP authentication with curl", product_ids: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "BaseOS-8.1.0:curl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.src", "BaseOS-8.1.0:curl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-debugsource-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:curl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-debuginfo-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-devel-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-0:7.61.1-11.el8.x86_64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.aarch64", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.i686", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.ppc64le", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.s390x", "BaseOS-8.1.0:libcurl-minimal-debuginfo-0:7.61.1-11.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: SMTP end-of-response out-of-bounds read", }, ], }
rhsa-2019:1543
Vulnerability from csaf_redhat
Published
2019-06-18 19:08
Modified
2025-04-17 15:03
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 2 packages for Microsoft Windows and Oracle Solaris are now available.
Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release.
Security Fix(es):
* openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)
* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)
* libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service (CVE-2018-14404)
* curl: Out-of-bounds read in code handling HTTP/2 trailers (CVE-2018-1000005)
* curl: HTTP authentication leak in redirects (CVE-2018-1000007)
* curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)
* curl: RTSP RTP buffer over-read (CVE-2018-1000122)
* httpd: privilege escalation from modules scripts (CVE-2019-0211)
Details around these issues, including information about CVEs, severity of the issues, and CVSS scores can be found on the CVE pages listed in the References section below.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 2 packages for Microsoft Windows and Oracle Solaris are now available.\n\nRed Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release.\n\nSecurity Fix(es):\n\n* openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)\n\n* libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service (CVE-2018-14404)\n\n* curl: Out-of-bounds read in code handling HTTP/2 trailers (CVE-2018-1000005)\n\n* curl: HTTP authentication leak in redirects (CVE-2018-1000007)\n\n* curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)\n\n* curl: RTSP RTP buffer over-read (CVE-2018-1000122)\n\n* httpd: privilege escalation from modules scripts (CVE-2019-0211)\n\nDetails around these issues, including information about CVEs, severity of the issues, and CVSS scores can be found on the CVE pages listed in the References section below.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:1543", url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.29", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.29", }, { category: "external", summary: "1536013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1536013", }, { category: "external", summary: "1537125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", }, { category: "external", summary: "1552628", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", }, { category: "external", summary: "1553398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", }, { category: "external", summary: "1591100", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591100", }, { category: "external", summary: "1591163", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591163", }, { category: "external", summary: "1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "1694980", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694980", }, { category: "external", summary: "JBCS-722", url: "https://issues.redhat.com/browse/JBCS-722", }, { category: "external", summary: "JBCS-750", url: "https://issues.redhat.com/browse/JBCS-750", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1543.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update", tracking: { current_release_date: "2025-04-17T15:03:54+00:00", generator: { date: "2025-04-17T15:03:54+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2019:1543", initial_release_date: "2019-06-18T19:08:49+00:00", revision_history: [ { date: "2019-06-18T19:08:49+00:00", number: "1", summary: "Initial version", }, { date: "2019-06-18T19:08:49+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-17T15:03:54+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product: { name: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product_id: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2018-0495", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-06-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1591163", }, ], notes: [ { category: "description", text: "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.", title: "Vulnerability description", }, { category: "summary", text: "ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries", title: "Vulnerability summary", }, { category: "other", text: "Since the 5.8.3 release, Red Hat CloudForms no longer uses libtomcrypt.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-0495", }, { category: "external", summary: "RHBZ#1591163", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591163", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-0495", url: "https://www.cve.org/CVERecord?id=CVE-2018-0495", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-0495", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-0495", }, { category: "external", summary: "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/", url: "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries", }, { cve: "CVE-2018-0732", cwe: { id: "CWE-325", name: "Missing Cryptographic Step", }, discovery_date: "2018-06-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1591100", }, ], notes: [ { category: "description", text: "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).", title: "Vulnerability description", }, { category: "summary", text: "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-0732", }, { category: "external", summary: "RHBZ#1591100", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591100", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-0732", url: "https://www.cve.org/CVERecord?id=CVE-2018-0732", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-0732", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-0732", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20180612.txt", url: "https://www.openssl.org/news/secadv/20180612.txt", }, ], release_date: "2018-06-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Harry Sintonen", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16839", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-10-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1642201", }, ], notes: [ { category: "description", text: "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.", title: "Vulnerability description", }, { category: "summary", text: "curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16839", }, { category: "external", summary: "RHBZ#1642201", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642201", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16839", url: "https://www.cve.org/CVERecord?id=CVE-2018-16839", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16839", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16839", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16839.html", url: "https://curl.haxx.se/docs/CVE-2018-16839.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message()", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16840", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2018-10-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1642203", }, ], notes: [ { category: "description", text: "A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.", title: "Vulnerability description", }, { category: "summary", text: "curl: Use-after-free when closing \"easy\" handle in Curl_close()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16840", }, { category: "external", summary: "RHBZ#1642203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642203", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16840", url: "https://www.cve.org/CVERecord?id=CVE-2018-16840", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16840", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16840", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16840.html", url: "https://curl.haxx.se/docs/CVE-2018-16840.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Use-after-free when closing \"easy\" handle in Curl_close()", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16842", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1644124", }, ], notes: [ { category: "description", text: "Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.", title: "Vulnerability description", }, { category: "summary", text: "curl: Heap-based buffer over-read in the curl tool warning formatting", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16842", }, { category: "external", summary: "RHBZ#1644124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1644124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16842", url: "https://www.cve.org/CVERecord?id=CVE-2018-16842", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16842", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16842", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16842.html", url: "https://curl.haxx.se/docs/CVE-2018-16842.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Heap-based buffer over-read in the curl tool warning formatting", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16890", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670252", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled NTLMv2 type-2 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLM type-2 heap out-of-bounds buffer read", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-2 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "RHBZ#1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16890", url: "https://www.cve.org/CVERecord?id=CVE-2018-16890", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16890.html", url: "https://curl.haxx.se/docs/CVE-2018-16890.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLM type-2 heap out-of-bounds buffer read", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Zhouyihai Ding", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000005", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-01-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1536013", }, ], notes: [ { category: "description", text: "libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.", title: "Vulnerability description", }, { category: "summary", text: "curl: Out-of-bounds read in code handling HTTP/2 trailers", title: "Vulnerability summary", }, { category: "other", text: "This flaw was introduced in curl-7.49.0. Therefore the versions of curl shipped with Red Hat Enterprise Linux 5, 6 and 7 and Red Hat Ceph Storage 2 are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000005", }, { category: "external", summary: "RHBZ#1536013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1536013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000005", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000005", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000005", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000005", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-824a.html", url: "https://curl.haxx.se/docs/adv_2018-824a.html", }, ], release_date: "2018-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Out-of-bounds read in code handling HTTP/2 trailers", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Craig de Stigter", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000007", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1537125", }, ], notes: [ { category: "description", text: "It was found that curl and libcurl might send their Authentication header to a third party HTTP server upon receiving an HTTP REDIRECT reply. This could leak authentication token to external entities.", title: "Vulnerability description", }, { category: "summary", text: "curl: HTTP authentication leak in redirects", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5, 6, and 7, as well as the versions of httpd24-curl as shipped with Red Hat Software Collections. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000007", }, { category: "external", summary: "RHBZ#1537125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000007", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000007", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000007", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000007", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-b3bf.html", url: "https://curl.haxx.se/docs/adv_2018-b3bf.html", }, ], release_date: "2018-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "By default, curl and libcurl will not follow redirect requests.\nThis flaw happens only when curl or libcurl are explicitly requested to follow redirects (option --location in curl, and CURLOPT_FOLLOWLOCATION in libcurl).\nTo mitigate this, it is possible to prevent the automated following of redirects, replacing it by manual redirects (and remove the authentication header), for example.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: HTTP authentication leak in redirects", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Duy Phan Thanh", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000120", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2018-03-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1552628", }, ], notes: [ { category: "description", text: "It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior.", title: "Vulnerability description", }, { category: "summary", text: "curl: FTP path trickery leads to NIL byte out of bounds write", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000120", }, { category: "external", summary: "RHBZ#1552628", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000120", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000120", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-9cd6.html", url: "https://curl.haxx.se/docs/adv_2018-9cd6.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Preventing application from using non-default CURLOPT_FTP_FILEMETHOD will avoid triggering the vulnerable code.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: FTP path trickery leads to NIL byte out of bounds write", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Dario Weisser", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000121", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-03-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1552631", }, ], notes: [ { category: "description", text: "A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldap_get_attribute_ber() function. A malicious LDAP server could use this flaw to crash a libcurl client application via a specially crafted LDAP reply.", title: "Vulnerability description", }, { category: "summary", text: "curl: LDAP NULL pointer dereference", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000121", }, { category: "external", summary: "RHBZ#1552631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000121", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000121", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-97a2.html", url: "https://curl.haxx.se/docs/adv_2018-97a2.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: LDAP NULL pointer dereference", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Max Dymond", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000122", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-03-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1553398", }, ], notes: [ { category: "description", text: "A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage", title: "Vulnerability description", }, { category: "summary", text: "curl: RTSP RTP buffer over-read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000122", }, { category: "external", summary: "RHBZ#1553398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000122", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000122", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-b047.html", url: "https://curl.haxx.se/docs/adv_2018-b047.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: RTSP RTP buffer over-read", }, { cve: "CVE-2019-0211", cwe: { id: "CWE-250", name: "Execution with Unnecessary Privileges", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1694980", }, ], notes: [ { category: "description", text: "A flaw was found in Apache where code executing in a less-privileged child process or thread could execute arbitrary code with the privilege of the parent process (usually root). An attacker having access to run arbitrary scripts on the web server (PHP, CGI etc) could use this flaw to run code on the web server with root privileges.", title: "Vulnerability description", }, { category: "summary", text: "httpd: privilege escalation from modules scripts", title: "Vulnerability summary", }, { category: "other", text: "This flaw is exploitable in httpd if it is configured to allow an untrusted user to upload and execute arbitrary scripts. Due to the nature of the flaw, the uploaded script would not run as a restricted privileged user, but rather it runs as root allowing for privilege escalation from the restricted user to root on the web server. \n\nDepending on the configuration of the server, you would need local (AV:L) privileges to place the script or network (AV:N) privileges if the server ran an application that permitted uploading scripts directly. The latter scenario is not common for unauthenticated users. Once the attacker can place the script somewhere in the web root where it can be easily exploited (AC:L). This type of setup is more common in shared hosted environments (PR:L) and would allow an attacker with access to a site on the shared hosted to impact the confidentiality, integrity, and availability (CIA:H) with no interaction (UI:N). Due to the elevated privileges obtained, there is an impact to the system beyond the web server itself (S:C).", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0211", }, { category: "external", summary: "RHBZ#1694980", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694980", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0211", url: "https://www.cve.org/CVERecord?id=CVE-2019-0211", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0211", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0211", }, { category: "external", summary: "http://www.apache.org/dist/httpd/CHANGES_2.4", url: "http://www.apache.org/dist/httpd/CHANGES_2.4", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2019-04-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "exploit_status", date: "2021-11-03T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "httpd: privilege escalation from modules scripts", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670254", }, ], notes: [ { category: "description", text: "A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLMv2 type-3 header stack buffer overflow", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-3 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "RHBZ#1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3822", url: "https://www.cve.org/CVERecord?id=CVE-2019-3822", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3822.html", url: "https://curl.haxx.se/docs/CVE-2019-3822.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLMv2 type-3 header stack buffer overflow", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670256", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled certain SMTP responses. A remote attacker could use this flaw to crash curl.", title: "Vulnerability description", }, { category: "summary", text: "curl: SMTP end-of-response out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "RHBZ#1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3823", url: "https://www.cve.org/CVERecord?id=CVE-2019-3823", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3823.html", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Do not use SMTP authentication with curl", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: SMTP end-of-response out-of-bounds read", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, ], }
RHSA-2019:1543
Vulnerability from csaf_redhat
Published
2019-06-18 19:08
Modified
2025-04-17 15:03
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 2 packages for Microsoft Windows and Oracle Solaris are now available.
Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release.
Security Fix(es):
* openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)
* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)
* libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service (CVE-2018-14404)
* curl: Out-of-bounds read in code handling HTTP/2 trailers (CVE-2018-1000005)
* curl: HTTP authentication leak in redirects (CVE-2018-1000007)
* curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)
* curl: RTSP RTP buffer over-read (CVE-2018-1000122)
* httpd: privilege escalation from modules scripts (CVE-2019-0211)
Details around these issues, including information about CVEs, severity of the issues, and CVSS scores can be found on the CVE pages listed in the References section below.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 2 packages for Microsoft Windows and Oracle Solaris are now available.\n\nRed Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release.\n\nSecurity Fix(es):\n\n* openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)\n\n* libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service (CVE-2018-14404)\n\n* curl: Out-of-bounds read in code handling HTTP/2 trailers (CVE-2018-1000005)\n\n* curl: HTTP authentication leak in redirects (CVE-2018-1000007)\n\n* curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)\n\n* curl: RTSP RTP buffer over-read (CVE-2018-1000122)\n\n* httpd: privilege escalation from modules scripts (CVE-2019-0211)\n\nDetails around these issues, including information about CVEs, severity of the issues, and CVSS scores can be found on the CVE pages listed in the References section below.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:1543", url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.29", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.29", }, { category: "external", summary: "1536013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1536013", }, { category: "external", summary: "1537125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", }, { category: "external", summary: "1552628", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", }, { category: "external", summary: "1553398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", }, { category: "external", summary: "1591100", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591100", }, { category: "external", summary: "1591163", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591163", }, { category: "external", summary: "1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "1694980", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694980", }, { category: "external", summary: "JBCS-722", url: "https://issues.redhat.com/browse/JBCS-722", }, { category: "external", summary: "JBCS-750", url: "https://issues.redhat.com/browse/JBCS-750", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1543.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update", tracking: { current_release_date: "2025-04-17T15:03:54+00:00", generator: { date: "2025-04-17T15:03:54+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2019:1543", initial_release_date: "2019-06-18T19:08:49+00:00", revision_history: [ { date: "2019-06-18T19:08:49+00:00", number: "1", summary: "Initial version", }, { date: "2019-06-18T19:08:49+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-17T15:03:54+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product: { name: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product_id: "JBoss Core Services Apache HTTP Server 2.4.29 SP2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2018-0495", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-06-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1591163", }, ], notes: [ { category: "description", text: "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.", title: "Vulnerability description", }, { category: "summary", text: "ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries", title: "Vulnerability summary", }, { category: "other", text: "Since the 5.8.3 release, Red Hat CloudForms no longer uses libtomcrypt.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-0495", }, { category: "external", summary: "RHBZ#1591163", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591163", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-0495", url: "https://www.cve.org/CVERecord?id=CVE-2018-0495", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-0495", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-0495", }, { category: "external", summary: "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/", url: "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries", }, { cve: "CVE-2018-0732", cwe: { id: "CWE-325", name: "Missing Cryptographic Step", }, discovery_date: "2018-06-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1591100", }, ], notes: [ { category: "description", text: "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).", title: "Vulnerability description", }, { category: "summary", text: "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-0732", }, { category: "external", summary: "RHBZ#1591100", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1591100", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-0732", url: "https://www.cve.org/CVERecord?id=CVE-2018-0732", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-0732", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-0732", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20180612.txt", url: "https://www.openssl.org/news/secadv/20180612.txt", }, ], release_date: "2018-06-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Harry Sintonen", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16839", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-10-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1642201", }, ], notes: [ { category: "description", text: "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.", title: "Vulnerability description", }, { category: "summary", text: "curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16839", }, { category: "external", summary: "RHBZ#1642201", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642201", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16839", url: "https://www.cve.org/CVERecord?id=CVE-2018-16839", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16839", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16839", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16839.html", url: "https://curl.haxx.se/docs/CVE-2018-16839.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message()", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16840", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2018-10-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1642203", }, ], notes: [ { category: "description", text: "A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.", title: "Vulnerability description", }, { category: "summary", text: "curl: Use-after-free when closing \"easy\" handle in Curl_close()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16840", }, { category: "external", summary: "RHBZ#1642203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642203", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16840", url: "https://www.cve.org/CVERecord?id=CVE-2018-16840", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16840", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16840", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16840.html", url: "https://curl.haxx.se/docs/CVE-2018-16840.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Use-after-free when closing \"easy\" handle in Curl_close()", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16842", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1644124", }, ], notes: [ { category: "description", text: "Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.", title: "Vulnerability description", }, { category: "summary", text: "curl: Heap-based buffer over-read in the curl tool warning formatting", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16842", }, { category: "external", summary: "RHBZ#1644124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1644124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16842", url: "https://www.cve.org/CVERecord?id=CVE-2018-16842", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16842", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16842", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16842.html", url: "https://curl.haxx.se/docs/CVE-2018-16842.html", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Heap-based buffer over-read in the curl tool warning formatting", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-16890", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670252", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled NTLMv2 type-2 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLM type-2 heap out-of-bounds buffer read", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-2 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "RHBZ#1670252", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-16890", url: "https://www.cve.org/CVERecord?id=CVE-2018-16890", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2018-16890.html", url: "https://curl.haxx.se/docs/CVE-2018-16890.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLM type-2 heap out-of-bounds buffer read", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Zhouyihai Ding", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000005", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-01-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1536013", }, ], notes: [ { category: "description", text: "libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.", title: "Vulnerability description", }, { category: "summary", text: "curl: Out-of-bounds read in code handling HTTP/2 trailers", title: "Vulnerability summary", }, { category: "other", text: "This flaw was introduced in curl-7.49.0. Therefore the versions of curl shipped with Red Hat Enterprise Linux 5, 6 and 7 and Red Hat Ceph Storage 2 are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000005", }, { category: "external", summary: "RHBZ#1536013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1536013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000005", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000005", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000005", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000005", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-824a.html", url: "https://curl.haxx.se/docs/adv_2018-824a.html", }, ], release_date: "2018-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: Out-of-bounds read in code handling HTTP/2 trailers", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Craig de Stigter", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000007", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1537125", }, ], notes: [ { category: "description", text: "It was found that curl and libcurl might send their Authentication header to a third party HTTP server upon receiving an HTTP REDIRECT reply. This could leak authentication token to external entities.", title: "Vulnerability description", }, { category: "summary", text: "curl: HTTP authentication leak in redirects", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5, 6, and 7, as well as the versions of httpd24-curl as shipped with Red Hat Software Collections. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000007", }, { category: "external", summary: "RHBZ#1537125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000007", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000007", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000007", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000007", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-b3bf.html", url: "https://curl.haxx.se/docs/adv_2018-b3bf.html", }, ], release_date: "2018-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "By default, curl and libcurl will not follow redirect requests.\nThis flaw happens only when curl or libcurl are explicitly requested to follow redirects (option --location in curl, and CURLOPT_FOLLOWLOCATION in libcurl).\nTo mitigate this, it is possible to prevent the automated following of redirects, replacing it by manual redirects (and remove the authentication header), for example.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: HTTP authentication leak in redirects", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Duy Phan Thanh", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000120", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2018-03-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1552628", }, ], notes: [ { category: "description", text: "It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior.", title: "Vulnerability description", }, { category: "summary", text: "curl: FTP path trickery leads to NIL byte out of bounds write", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000120", }, { category: "external", summary: "RHBZ#1552628", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000120", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000120", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-9cd6.html", url: "https://curl.haxx.se/docs/adv_2018-9cd6.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Preventing application from using non-default CURLOPT_FTP_FILEMETHOD will avoid triggering the vulnerable code.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: FTP path trickery leads to NIL byte out of bounds write", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Dario Weisser", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000121", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-03-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1552631", }, ], notes: [ { category: "description", text: "A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldap_get_attribute_ber() function. A malicious LDAP server could use this flaw to crash a libcurl client application via a specially crafted LDAP reply.", title: "Vulnerability description", }, { category: "summary", text: "curl: LDAP NULL pointer dereference", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000121", }, { category: "external", summary: "RHBZ#1552631", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552631", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000121", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000121", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-97a2.html", url: "https://curl.haxx.se/docs/adv_2018-97a2.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: LDAP NULL pointer dereference", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "Max Dymond", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2018-1000122", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-03-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1553398", }, ], notes: [ { category: "description", text: "A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage", title: "Vulnerability description", }, { category: "summary", text: "curl: RTSP RTP buffer over-read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000122", }, { category: "external", summary: "RHBZ#1553398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000122", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000122", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122", }, { category: "external", summary: "https://curl.haxx.se/docs/adv_2018-b047.html", url: "https://curl.haxx.se/docs/adv_2018-b047.html", }, ], release_date: "2018-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: RTSP RTP buffer over-read", }, { cve: "CVE-2019-0211", cwe: { id: "CWE-250", name: "Execution with Unnecessary Privileges", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1694980", }, ], notes: [ { category: "description", text: "A flaw was found in Apache where code executing in a less-privileged child process or thread could execute arbitrary code with the privilege of the parent process (usually root). An attacker having access to run arbitrary scripts on the web server (PHP, CGI etc) could use this flaw to run code on the web server with root privileges.", title: "Vulnerability description", }, { category: "summary", text: "httpd: privilege escalation from modules scripts", title: "Vulnerability summary", }, { category: "other", text: "This flaw is exploitable in httpd if it is configured to allow an untrusted user to upload and execute arbitrary scripts. Due to the nature of the flaw, the uploaded script would not run as a restricted privileged user, but rather it runs as root allowing for privilege escalation from the restricted user to root on the web server. \n\nDepending on the configuration of the server, you would need local (AV:L) privileges to place the script or network (AV:N) privileges if the server ran an application that permitted uploading scripts directly. The latter scenario is not common for unauthenticated users. Once the attacker can place the script somewhere in the web root where it can be easily exploited (AC:L). This type of setup is more common in shared hosted environments (PR:L) and would allow an attacker with access to a site on the shared hosted to impact the confidentiality, integrity, and availability (CIA:H) with no interaction (UI:N). Due to the elevated privileges obtained, there is an impact to the system beyond the web server itself (S:C).", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0211", }, { category: "external", summary: "RHBZ#1694980", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694980", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0211", url: "https://www.cve.org/CVERecord?id=CVE-2019-0211", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0211", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0211", }, { category: "external", summary: "http://www.apache.org/dist/httpd/CHANGES_2.4", url: "http://www.apache.org/dist/httpd/CHANGES_2.4", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2019-04-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "exploit_status", date: "2021-11-03T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "httpd: privilege escalation from modules scripts", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Wenxiang Qian", ], organization: "Tencent Blade Team", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3822", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670254", }, ], notes: [ { category: "description", text: "A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash.", title: "Vulnerability description", }, { category: "summary", text: "curl: NTLMv2 type-3 header stack buffer overflow", title: "Vulnerability summary", }, { category: "other", text: "The versions of curl package shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support NTLMv2 type-3 headers, hence they are not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "RHBZ#1670254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3822", url: "https://www.cve.org/CVERecord?id=CVE-2019-3822", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3822.html", url: "https://curl.haxx.se/docs/CVE-2019-3822.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Turn off NTLM authentication.", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "curl: NTLMv2 type-3 header stack buffer overflow", }, { acknowledgments: [ { names: [ "Daniel Stenberg", ], organization: "the Curl project", }, { names: [ "Brian Carpenter", ], organization: "Geeknik Labs", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3823", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670256", }, ], notes: [ { category: "description", text: "An out-of-bounds read flaw was found in the way curl handled certain SMTP responses. A remote attacker could use this flaw to crash curl.", title: "Vulnerability description", }, { category: "summary", text: "curl: SMTP end-of-response out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "RHBZ#1670256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3823", url: "https://www.cve.org/CVERecord?id=CVE-2019-3823", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-3823.html", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, ], release_date: "2019-02-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, { category: "workaround", details: "Do not use SMTP authentication with curl", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: SMTP end-of-response out-of-bounds read", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-18T19:08:49+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Core Services installation (including all applications and configuration files).", product_ids: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1543", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "JBoss Core Services Apache HTTP Server 2.4.29 SP2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, ], }
suse-su-2019:0248-1
Vulnerability from csaf_suse
Published
2019-02-06 07:35
Modified
2019-02-06 07:35
Summary
Security update for curl
Notes
Title of the patch
Security update for curl
Description of the patch
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).
- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).
- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).
Patchnames
SUSE-2019-248,SUSE-SLE-Module-Basesystem-15-2019-248,SUSE-SLE-Module-Development-Tools-OBS-15-2019-248
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for curl", title: "Title of the patch", }, { category: "description", text: "This update for curl fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).\n- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).\n- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-248,SUSE-SLE-Module-Basesystem-15-2019-248,SUSE-SLE-Module-Development-Tools-OBS-15-2019-248", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0248-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:0248-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190248-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:0248-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005086.html", }, { category: "self", summary: "SUSE Bug 1123371", url: "https://bugzilla.suse.com/1123371", }, { category: "self", summary: "SUSE Bug 1123377", url: "https://bugzilla.suse.com/1123377", }, { category: "self", summary: "SUSE Bug 1123378", url: "https://bugzilla.suse.com/1123378", }, { category: "self", summary: "SUSE CVE CVE-2018-16890 page", url: "https://www.suse.com/security/cve/CVE-2018-16890/", }, { category: "self", summary: "SUSE CVE CVE-2019-3822 page", url: "https://www.suse.com/security/cve/CVE-2019-3822/", }, { category: "self", summary: "SUSE CVE CVE-2019-3823 page", url: "https://www.suse.com/security/cve/CVE-2019-3823/", }, ], title: "Security update for curl", tracking: { current_release_date: "2019-02-06T07:35:24Z", generator: { date: "2019-02-06T07:35:24Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:0248-1", initial_release_date: "2019-02-06T07:35:24Z", revision_history: [ { date: "2019-02-06T07:35:24Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "curl-7.60.0-3.17.1.aarch64", product: { name: "curl-7.60.0-3.17.1.aarch64", product_id: "curl-7.60.0-3.17.1.aarch64", }, }, { category: "product_version", name: "curl-mini-7.60.0-3.17.1.aarch64", product: { name: "curl-mini-7.60.0-3.17.1.aarch64", product_id: "curl-mini-7.60.0-3.17.1.aarch64", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-3.17.1.aarch64", product: { name: "libcurl-devel-7.60.0-3.17.1.aarch64", product_id: "libcurl-devel-7.60.0-3.17.1.aarch64", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-3.17.1.aarch64", product: { name: "libcurl-mini-devel-7.60.0-3.17.1.aarch64", product_id: "libcurl-mini-devel-7.60.0-3.17.1.aarch64", }, }, { category: "product_version", name: "libcurl4-7.60.0-3.17.1.aarch64", product: { name: "libcurl4-7.60.0-3.17.1.aarch64", product_id: "libcurl4-7.60.0-3.17.1.aarch64", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-3.17.1.aarch64", product: { name: "libcurl4-mini-7.60.0-3.17.1.aarch64", product_id: "libcurl4-mini-7.60.0-3.17.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libcurl-devel-64bit-7.60.0-3.17.1.aarch64_ilp32", product: { name: "libcurl-devel-64bit-7.60.0-3.17.1.aarch64_ilp32", product_id: "libcurl-devel-64bit-7.60.0-3.17.1.aarch64_ilp32", }, }, { category: "product_version", name: "libcurl4-64bit-7.60.0-3.17.1.aarch64_ilp32", product: { name: "libcurl4-64bit-7.60.0-3.17.1.aarch64_ilp32", product_id: "libcurl4-64bit-7.60.0-3.17.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "curl-7.60.0-3.17.1.i586", product: { name: "curl-7.60.0-3.17.1.i586", product_id: "curl-7.60.0-3.17.1.i586", }, }, { category: "product_version", name: "curl-mini-7.60.0-3.17.1.i586", product: { name: "curl-mini-7.60.0-3.17.1.i586", product_id: "curl-mini-7.60.0-3.17.1.i586", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-3.17.1.i586", product: { name: "libcurl-devel-7.60.0-3.17.1.i586", product_id: "libcurl-devel-7.60.0-3.17.1.i586", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-3.17.1.i586", product: { name: "libcurl-mini-devel-7.60.0-3.17.1.i586", product_id: "libcurl-mini-devel-7.60.0-3.17.1.i586", }, }, { category: "product_version", name: "libcurl4-7.60.0-3.17.1.i586", product: { name: "libcurl4-7.60.0-3.17.1.i586", product_id: "libcurl4-7.60.0-3.17.1.i586", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-3.17.1.i586", product: { name: "libcurl4-mini-7.60.0-3.17.1.i586", product_id: "libcurl4-mini-7.60.0-3.17.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "curl-7.60.0-3.17.1.ppc64le", product: { name: "curl-7.60.0-3.17.1.ppc64le", product_id: "curl-7.60.0-3.17.1.ppc64le", }, }, { category: "product_version", name: "curl-mini-7.60.0-3.17.1.ppc64le", product: { name: "curl-mini-7.60.0-3.17.1.ppc64le", product_id: "curl-mini-7.60.0-3.17.1.ppc64le", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-3.17.1.ppc64le", product: { name: "libcurl-devel-7.60.0-3.17.1.ppc64le", product_id: "libcurl-devel-7.60.0-3.17.1.ppc64le", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-3.17.1.ppc64le", product: { name: "libcurl-mini-devel-7.60.0-3.17.1.ppc64le", product_id: "libcurl-mini-devel-7.60.0-3.17.1.ppc64le", }, }, { category: "product_version", name: "libcurl4-7.60.0-3.17.1.ppc64le", product: { name: "libcurl4-7.60.0-3.17.1.ppc64le", product_id: "libcurl4-7.60.0-3.17.1.ppc64le", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-3.17.1.ppc64le", product: { name: "libcurl4-mini-7.60.0-3.17.1.ppc64le", product_id: "libcurl4-mini-7.60.0-3.17.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "curl-7.60.0-3.17.1.s390x", product: { name: "curl-7.60.0-3.17.1.s390x", product_id: "curl-7.60.0-3.17.1.s390x", }, }, { category: "product_version", name: "curl-mini-7.60.0-3.17.1.s390x", product: { name: "curl-mini-7.60.0-3.17.1.s390x", product_id: "curl-mini-7.60.0-3.17.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-3.17.1.s390x", product: { name: "libcurl-devel-7.60.0-3.17.1.s390x", product_id: "libcurl-devel-7.60.0-3.17.1.s390x", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-3.17.1.s390x", product: { name: "libcurl-mini-devel-7.60.0-3.17.1.s390x", product_id: "libcurl-mini-devel-7.60.0-3.17.1.s390x", }, }, { category: "product_version", name: "libcurl4-7.60.0-3.17.1.s390x", product: { name: "libcurl4-7.60.0-3.17.1.s390x", product_id: "libcurl4-7.60.0-3.17.1.s390x", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-3.17.1.s390x", product: { name: "libcurl4-mini-7.60.0-3.17.1.s390x", product_id: "libcurl4-mini-7.60.0-3.17.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "curl-7.60.0-3.17.1.x86_64", product: { name: "curl-7.60.0-3.17.1.x86_64", product_id: "curl-7.60.0-3.17.1.x86_64", }, }, { category: "product_version", name: "curl-mini-7.60.0-3.17.1.x86_64", product: { name: "curl-mini-7.60.0-3.17.1.x86_64", product_id: "curl-mini-7.60.0-3.17.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-3.17.1.x86_64", product: { name: "libcurl-devel-7.60.0-3.17.1.x86_64", product_id: "libcurl-devel-7.60.0-3.17.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.60.0-3.17.1.x86_64", product: { name: "libcurl-devel-32bit-7.60.0-3.17.1.x86_64", product_id: "libcurl-devel-32bit-7.60.0-3.17.1.x86_64", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-3.17.1.x86_64", product: { name: "libcurl-mini-devel-7.60.0-3.17.1.x86_64", product_id: "libcurl-mini-devel-7.60.0-3.17.1.x86_64", }, }, { category: "product_version", name: "libcurl4-7.60.0-3.17.1.x86_64", product: { name: "libcurl4-7.60.0-3.17.1.x86_64", product_id: "libcurl4-7.60.0-3.17.1.x86_64", }, }, { category: "product_version", name: "libcurl4-32bit-7.60.0-3.17.1.x86_64", product: { name: "libcurl4-32bit-7.60.0-3.17.1.x86_64", product_id: "libcurl4-32bit-7.60.0-3.17.1.x86_64", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-3.17.1.x86_64", product: { name: "libcurl4-mini-7.60.0-3.17.1.x86_64", product_id: "libcurl4-mini-7.60.0-3.17.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15", product: { name: "SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-7.60.0-3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", }, product_reference: "curl-7.60.0-3.17.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", }, product_reference: "curl-7.60.0-3.17.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", }, product_reference: "curl-7.60.0-3.17.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", }, product_reference: "curl-7.60.0-3.17.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", }, product_reference: "libcurl-devel-7.60.0-3.17.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", }, product_reference: "libcurl-devel-7.60.0-3.17.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", }, product_reference: "libcurl-devel-7.60.0-3.17.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", }, product_reference: "libcurl-devel-7.60.0-3.17.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", }, product_reference: "libcurl4-7.60.0-3.17.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", }, product_reference: "libcurl4-7.60.0-3.17.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", }, product_reference: "libcurl4-7.60.0-3.17.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", }, product_reference: "libcurl4-7.60.0-3.17.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.60.0-3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", }, product_reference: "libcurl4-32bit-7.60.0-3.17.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, ], }, vulnerabilities: [ { cve: "CVE-2018-16890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16890", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16890", url: "https://www.suse.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "SUSE Bug 1123371 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123371", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2018-16890", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-06T07:35:24Z", details: "low", }, ], title: "CVE-2018-16890", }, { cve: "CVE-2019-3822", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3822", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3822", url: "https://www.suse.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "SUSE Bug 1123377 for CVE-2019-3822", url: "https://bugzilla.suse.com/1123377", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3822", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-06T07:35:24Z", details: "important", }, ], title: "CVE-2019-3822", }, { cve: "CVE-2019-3823", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3823", }, ], notes: [ { category: "general", text: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3823", url: "https://www.suse.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2019-3823", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1126909 for CVE-2019-3823", url: "https://bugzilla.suse.com/1126909", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3823", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:curl-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl-devel-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-32bit-7.60.0-3.17.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:libcurl4-7.60.0-3.17.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-06T07:35:24Z", details: "moderate", }, ], title: "CVE-2019-3823", }, ], }
suse-su-2019:0249-2
Vulnerability from csaf_suse
Published
2019-04-12 06:24
Modified
2019-04-12 06:24
Summary
Security update for curl
Notes
Title of the patch
Security update for curl
Description of the patch
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).
- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).
- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).
Patchnames
SUSE-2019-249,SUSE-SLE-SAP-12-SP1-2019-249
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for curl", title: "Title of the patch", }, { category: "description", text: "This update for curl fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).\n- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).\n- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-249,SUSE-SLE-SAP-12-SP1-2019-249", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0249-2.json", }, { category: "self", summary: "URL for SUSE-SU-2019:0249-2", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190249-2/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:0249-2", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-April/005327.html", }, { category: "self", summary: "SUSE Bug 1123371", url: "https://bugzilla.suse.com/1123371", }, { category: "self", summary: "SUSE Bug 1123377", url: "https://bugzilla.suse.com/1123377", }, { category: "self", summary: "SUSE Bug 1123378", url: "https://bugzilla.suse.com/1123378", }, { category: "self", summary: "SUSE CVE CVE-2018-16890 page", url: "https://www.suse.com/security/cve/CVE-2018-16890/", }, { category: "self", summary: "SUSE CVE CVE-2019-3822 page", url: "https://www.suse.com/security/cve/CVE-2019-3822/", }, { category: "self", summary: "SUSE CVE CVE-2019-3823 page", url: "https://www.suse.com/security/cve/CVE-2019-3823/", }, ], title: "Security update for curl", tracking: { current_release_date: "2019-04-12T06:24:04Z", generator: { date: "2019-04-12T06:24:04Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:0249-2", initial_release_date: "2019-04-12T06:24:04Z", revision_history: [ { date: "2019-04-12T06:24:04Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.aarch64", product: { name: "curl-7.37.0-37.34.1.aarch64", product_id: "curl-7.37.0-37.34.1.aarch64", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.aarch64", product: { name: "libcurl-devel-7.37.0-37.34.1.aarch64", product_id: "libcurl-devel-7.37.0-37.34.1.aarch64", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.aarch64", product: { name: "libcurl4-7.37.0-37.34.1.aarch64", product_id: "libcurl4-7.37.0-37.34.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libcurl-devel-64bit-7.37.0-37.34.1.aarch64_ilp32", product: { name: "libcurl-devel-64bit-7.37.0-37.34.1.aarch64_ilp32", product_id: "libcurl-devel-64bit-7.37.0-37.34.1.aarch64_ilp32", }, }, { category: "product_version", name: "libcurl4-64bit-7.37.0-37.34.1.aarch64_ilp32", product: { name: "libcurl4-64bit-7.37.0-37.34.1.aarch64_ilp32", product_id: "libcurl4-64bit-7.37.0-37.34.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.i586", product: { name: "curl-7.37.0-37.34.1.i586", product_id: "curl-7.37.0-37.34.1.i586", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.i586", product: { name: "libcurl-devel-7.37.0-37.34.1.i586", product_id: "libcurl-devel-7.37.0-37.34.1.i586", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.i586", product: { name: "libcurl4-7.37.0-37.34.1.i586", product_id: "libcurl4-7.37.0-37.34.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.ppc64le", product: { name: "curl-7.37.0-37.34.1.ppc64le", product_id: "curl-7.37.0-37.34.1.ppc64le", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.ppc64le", product: { name: "libcurl-devel-7.37.0-37.34.1.ppc64le", product_id: "libcurl-devel-7.37.0-37.34.1.ppc64le", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.ppc64le", product: { name: "libcurl4-7.37.0-37.34.1.ppc64le", product_id: "libcurl4-7.37.0-37.34.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.s390", product: { name: "curl-7.37.0-37.34.1.s390", product_id: "curl-7.37.0-37.34.1.s390", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.s390", product: { name: "libcurl-devel-7.37.0-37.34.1.s390", product_id: "libcurl-devel-7.37.0-37.34.1.s390", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.s390", product: { name: "libcurl4-7.37.0-37.34.1.s390", product_id: "libcurl4-7.37.0-37.34.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.s390x", product: { name: "curl-7.37.0-37.34.1.s390x", product_id: "curl-7.37.0-37.34.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.s390x", product: { name: "libcurl-devel-7.37.0-37.34.1.s390x", product_id: "libcurl-devel-7.37.0-37.34.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.37.0-37.34.1.s390x", product: { name: "libcurl-devel-32bit-7.37.0-37.34.1.s390x", product_id: "libcurl-devel-32bit-7.37.0-37.34.1.s390x", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.s390x", product: { name: "libcurl4-7.37.0-37.34.1.s390x", product_id: "libcurl4-7.37.0-37.34.1.s390x", }, }, { category: "product_version", name: "libcurl4-32bit-7.37.0-37.34.1.s390x", product: { name: "libcurl4-32bit-7.37.0-37.34.1.s390x", product_id: "libcurl4-32bit-7.37.0-37.34.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.x86_64", product: { name: "curl-7.37.0-37.34.1.x86_64", product_id: "curl-7.37.0-37.34.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.x86_64", product: { name: "libcurl-devel-7.37.0-37.34.1.x86_64", product_id: "libcurl-devel-7.37.0-37.34.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.37.0-37.34.1.x86_64", product: { name: "libcurl-devel-32bit-7.37.0-37.34.1.x86_64", product_id: "libcurl-devel-32bit-7.37.0-37.34.1.x86_64", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.x86_64", product: { name: "libcurl4-7.37.0-37.34.1.x86_64", product_id: "libcurl4-7.37.0-37.34.1.x86_64", }, }, { category: "product_version", name: "libcurl4-32bit-7.37.0-37.34.1.x86_64", product: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64", product_id: "libcurl4-32bit-7.37.0-37.34.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, ], }, vulnerabilities: [ { cve: "CVE-2018-16890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16890", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16890", url: "https://www.suse.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "SUSE Bug 1123371 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123371", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2018-16890", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-12T06:24:04Z", details: "low", }, ], title: "CVE-2018-16890", }, { cve: "CVE-2019-3822", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3822", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3822", url: "https://www.suse.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "SUSE Bug 1123377 for CVE-2019-3822", url: "https://bugzilla.suse.com/1123377", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3822", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-12T06:24:04Z", details: "important", }, ], title: "CVE-2019-3822", }, { cve: "CVE-2019-3823", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3823", }, ], notes: [ { category: "general", text: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3823", url: "https://www.suse.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2019-3823", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1126909 for CVE-2019-3823", url: "https://bugzilla.suse.com/1126909", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3823", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-12T06:24:04Z", details: "moderate", }, ], title: "CVE-2019-3823", }, ], }
suse-su-2019:0249-1
Vulnerability from csaf_suse
Published
2019-02-06 07:36
Modified
2019-02-06 07:36
Summary
Security update for curl
Notes
Title of the patch
Security update for curl
Description of the patch
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).
- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).
- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).
Patchnames
SUSE-2019-249,SUSE-OpenStack-Cloud-7-2019-249,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-249,SUSE-SLE-DESKTOP-12-SP3-2019-249,SUSE-SLE-SAP-12-SP2-2019-249,SUSE-SLE-SDK-12-SP3-2019-249,SUSE-SLE-SERVER-12-2019-249,SUSE-SLE-SERVER-12-SP1-2019-249,SUSE-SLE-SERVER-12-SP2-2019-249,SUSE-SLE-SERVER-12-SP2-BCL-2019-249,SUSE-SLE-SERVER-12-SP3-2019-249,SUSE-Storage-4-2019-249
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for curl", title: "Title of the patch", }, { category: "description", text: "This update for curl fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).\n- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).\n- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-249,SUSE-OpenStack-Cloud-7-2019-249,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-249,SUSE-SLE-DESKTOP-12-SP3-2019-249,SUSE-SLE-SAP-12-SP2-2019-249,SUSE-SLE-SDK-12-SP3-2019-249,SUSE-SLE-SERVER-12-2019-249,SUSE-SLE-SERVER-12-SP1-2019-249,SUSE-SLE-SERVER-12-SP2-2019-249,SUSE-SLE-SERVER-12-SP2-BCL-2019-249,SUSE-SLE-SERVER-12-SP3-2019-249,SUSE-Storage-4-2019-249", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0249-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:0249-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190249-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:0249-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005088.html", }, { category: "self", summary: "SUSE Bug 1123371", url: "https://bugzilla.suse.com/1123371", }, { category: "self", summary: "SUSE Bug 1123377", url: "https://bugzilla.suse.com/1123377", }, { category: "self", summary: "SUSE Bug 1123378", url: "https://bugzilla.suse.com/1123378", }, { category: "self", summary: "SUSE CVE CVE-2018-16890 page", url: "https://www.suse.com/security/cve/CVE-2018-16890/", }, { category: "self", summary: "SUSE CVE CVE-2019-3822 page", url: "https://www.suse.com/security/cve/CVE-2019-3822/", }, { category: "self", summary: "SUSE CVE CVE-2019-3823 page", url: "https://www.suse.com/security/cve/CVE-2019-3823/", }, ], title: "Security update for curl", tracking: { current_release_date: "2019-02-06T07:36:48Z", generator: { date: "2019-02-06T07:36:48Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:0249-1", initial_release_date: "2019-02-06T07:36:48Z", revision_history: [ { date: "2019-02-06T07:36:48Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.aarch64", product: { name: "curl-7.37.0-37.34.1.aarch64", product_id: "curl-7.37.0-37.34.1.aarch64", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.aarch64", product: { name: "libcurl-devel-7.37.0-37.34.1.aarch64", product_id: "libcurl-devel-7.37.0-37.34.1.aarch64", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.aarch64", product: { name: "libcurl4-7.37.0-37.34.1.aarch64", product_id: "libcurl4-7.37.0-37.34.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libcurl-devel-64bit-7.37.0-37.34.1.aarch64_ilp32", product: { name: "libcurl-devel-64bit-7.37.0-37.34.1.aarch64_ilp32", product_id: "libcurl-devel-64bit-7.37.0-37.34.1.aarch64_ilp32", }, }, { category: "product_version", name: "libcurl4-64bit-7.37.0-37.34.1.aarch64_ilp32", product: { name: "libcurl4-64bit-7.37.0-37.34.1.aarch64_ilp32", product_id: "libcurl4-64bit-7.37.0-37.34.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.i586", product: { name: "curl-7.37.0-37.34.1.i586", product_id: "curl-7.37.0-37.34.1.i586", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.i586", product: { name: "libcurl-devel-7.37.0-37.34.1.i586", product_id: "libcurl-devel-7.37.0-37.34.1.i586", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.i586", product: { name: "libcurl4-7.37.0-37.34.1.i586", product_id: "libcurl4-7.37.0-37.34.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.ppc64le", product: { name: "curl-7.37.0-37.34.1.ppc64le", product_id: "curl-7.37.0-37.34.1.ppc64le", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.ppc64le", product: { name: "libcurl-devel-7.37.0-37.34.1.ppc64le", product_id: "libcurl-devel-7.37.0-37.34.1.ppc64le", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.ppc64le", product: { name: "libcurl4-7.37.0-37.34.1.ppc64le", product_id: "libcurl4-7.37.0-37.34.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.s390", product: { name: "curl-7.37.0-37.34.1.s390", product_id: "curl-7.37.0-37.34.1.s390", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.s390", product: { name: "libcurl-devel-7.37.0-37.34.1.s390", product_id: "libcurl-devel-7.37.0-37.34.1.s390", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.s390", product: { name: "libcurl4-7.37.0-37.34.1.s390", product_id: "libcurl4-7.37.0-37.34.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.s390x", product: { name: "curl-7.37.0-37.34.1.s390x", product_id: "curl-7.37.0-37.34.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.s390x", product: { name: "libcurl-devel-7.37.0-37.34.1.s390x", product_id: "libcurl-devel-7.37.0-37.34.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.37.0-37.34.1.s390x", product: { name: "libcurl-devel-32bit-7.37.0-37.34.1.s390x", product_id: "libcurl-devel-32bit-7.37.0-37.34.1.s390x", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.s390x", product: { name: "libcurl4-7.37.0-37.34.1.s390x", product_id: "libcurl4-7.37.0-37.34.1.s390x", }, }, { category: "product_version", name: "libcurl4-32bit-7.37.0-37.34.1.s390x", product: { name: "libcurl4-32bit-7.37.0-37.34.1.s390x", product_id: "libcurl4-32bit-7.37.0-37.34.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "curl-7.37.0-37.34.1.x86_64", product: { name: "curl-7.37.0-37.34.1.x86_64", product_id: "curl-7.37.0-37.34.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-7.37.0-37.34.1.x86_64", product: { name: "libcurl-devel-7.37.0-37.34.1.x86_64", product_id: "libcurl-devel-7.37.0-37.34.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.37.0-37.34.1.x86_64", product: { name: "libcurl-devel-32bit-7.37.0-37.34.1.x86_64", product_id: "libcurl-devel-32bit-7.37.0-37.34.1.x86_64", }, }, { category: "product_version", name: "libcurl4-7.37.0-37.34.1.x86_64", product: { name: "libcurl4-7.37.0-37.34.1.x86_64", product_id: "libcurl4-7.37.0-37.34.1.x86_64", }, }, { category: "product_version", name: "libcurl4-32bit-7.37.0-37.34.1.x86_64", product: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64", product_id: "libcurl4-32bit-7.37.0-37.34.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 7", product: { name: "SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:7", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP3", product: { name: "SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12-LTSS", product: { name: "SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP1-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 4", product: { name: "SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4", product_identification_helper: { cpe: "cpe:/o:suse:ses:4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", }, product_reference: "curl-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", }, product_reference: "curl-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", }, product_reference: "libcurl4-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.37.0-37.34.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", }, product_reference: "libcurl-devel-7.37.0-37.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", }, product_reference: "libcurl-devel-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", }, product_reference: "libcurl-devel-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl-devel-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", }, product_reference: "curl-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", }, product_reference: "curl-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", }, product_reference: "libcurl4-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", }, product_reference: "curl-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", }, product_reference: "curl-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", }, product_reference: "libcurl4-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", }, product_reference: "curl-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", }, product_reference: "curl-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", }, product_reference: "libcurl4-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", }, product_reference: "curl-7.37.0-37.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", }, product_reference: "curl-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", }, product_reference: "curl-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", }, product_reference: "libcurl4-7.37.0-37.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", }, product_reference: "libcurl4-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", }, product_reference: "curl-7.37.0-37.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", }, product_reference: "curl-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", }, product_reference: "curl-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", }, product_reference: "libcurl4-7.37.0-37.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", }, product_reference: "libcurl4-7.37.0-37.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "curl-7.37.0-37.34.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", }, product_reference: "curl-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.37.0-37.34.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.37.0-37.34.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", }, product_reference: "libcurl4-32bit-7.37.0-37.34.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, ], }, vulnerabilities: [ { cve: "CVE-2018-16890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16890", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16890", url: "https://www.suse.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "SUSE Bug 1123371 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123371", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2018-16890", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-06T07:36:48Z", details: "low", }, ], title: "CVE-2018-16890", }, { cve: "CVE-2019-3822", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3822", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3822", url: "https://www.suse.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "SUSE Bug 1123377 for CVE-2019-3822", url: "https://bugzilla.suse.com/1123377", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3822", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-06T07:36:48Z", details: "important", }, ], title: "CVE-2019-3822", }, { cve: "CVE-2019-3823", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3823", }, ], notes: [ { category: "general", text: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3823", url: "https://www.suse.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2019-3823", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1126909 for CVE-2019-3823", url: "https://bugzilla.suse.com/1126909", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3823", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:curl-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Enterprise Storage 4:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:curl-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcurl4-7.37.0-37.34.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:libcurl-devel-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:curl-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-32bit-7.37.0-37.34.1.x86_64", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.s390x", "SUSE OpenStack Cloud 7:libcurl4-7.37.0-37.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-06T07:36:48Z", details: "moderate", }, ], title: "CVE-2019-3823", }, ], }
suse-su-2019:0339-1
Vulnerability from csaf_suse
Published
2019-02-13 07:33
Modified
2019-02-13 07:33
Summary
Security update for curl
Notes
Title of the patch
Security update for curl
Description of the patch
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2019-3822: Fixed a NTLMv2 type-3 header stack buffer overflow (bsc#1123377).
- CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response (bsc#1123378).
- CVE-2018-16890: Fixed an out-of-bounds buffer read in NTLM type2 (bsc#1123371).
- CVE-2018-16842: Fixed an out-of-bounds read in tool_msgs.c (bsc#1113660).
- CVE-2018-16840: Fixed a use-after-free in handle close (bsc#1113029).
- CVE-2018-16839: Fixed an SASL password overflow caused by an integer overflow (bsc#1112758).
Patchnames
SUSE-2019-339,SUSE-SLE-DESKTOP-12-SP4-2019-339,SUSE-SLE-SDK-12-SP4-2019-339,SUSE-SLE-SERVER-12-SP4-2019-339
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for curl", title: "Title of the patch", }, { category: "description", text: "This update for curl fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-3822: Fixed a NTLMv2 type-3 header stack buffer overflow (bsc#1123377).\n- CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response (bsc#1123378).\n- CVE-2018-16890: Fixed an out-of-bounds buffer read in NTLM type2 (bsc#1123371). \n- CVE-2018-16842: Fixed an out-of-bounds read in tool_msgs.c (bsc#1113660).\n- CVE-2018-16840: Fixed a use-after-free in handle close (bsc#1113029).\n- CVE-2018-16839: Fixed an SASL password overflow caused by an integer overflow (bsc#1112758).\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-339,SUSE-SLE-DESKTOP-12-SP4-2019-339,SUSE-SLE-SDK-12-SP4-2019-339,SUSE-SLE-SERVER-12-SP4-2019-339", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0339-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:0339-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190339-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:0339-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005111.html", }, { category: "self", summary: "SUSE Bug 1112758", url: "https://bugzilla.suse.com/1112758", }, { category: "self", summary: "SUSE Bug 1113029", url: "https://bugzilla.suse.com/1113029", }, { category: "self", summary: "SUSE Bug 1113660", url: "https://bugzilla.suse.com/1113660", }, { category: "self", summary: "SUSE Bug 1123371", url: "https://bugzilla.suse.com/1123371", }, { category: "self", summary: "SUSE Bug 1123377", url: "https://bugzilla.suse.com/1123377", }, { category: "self", summary: "SUSE Bug 1123378", url: "https://bugzilla.suse.com/1123378", }, { category: "self", summary: "SUSE CVE CVE-2018-16839 page", url: "https://www.suse.com/security/cve/CVE-2018-16839/", }, { category: "self", summary: "SUSE CVE CVE-2018-16840 page", url: "https://www.suse.com/security/cve/CVE-2018-16840/", }, { category: "self", summary: "SUSE CVE CVE-2018-16842 page", url: "https://www.suse.com/security/cve/CVE-2018-16842/", }, { category: "self", summary: "SUSE CVE CVE-2018-16890 page", url: "https://www.suse.com/security/cve/CVE-2018-16890/", }, { category: "self", summary: "SUSE CVE CVE-2019-3822 page", url: "https://www.suse.com/security/cve/CVE-2019-3822/", }, { category: "self", summary: "SUSE CVE CVE-2019-3823 page", url: "https://www.suse.com/security/cve/CVE-2019-3823/", }, ], title: "Security update for curl", tracking: { current_release_date: "2019-02-13T07:33:54Z", generator: { date: "2019-02-13T07:33:54Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:0339-1", initial_release_date: "2019-02-13T07:33:54Z", revision_history: [ { date: "2019-02-13T07:33:54Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "curl-7.60.0-4.3.1.aarch64", product: { name: "curl-7.60.0-4.3.1.aarch64", product_id: "curl-7.60.0-4.3.1.aarch64", }, }, { category: "product_version", name: "curl-mini-7.60.0-4.3.1.aarch64", product: { name: "curl-mini-7.60.0-4.3.1.aarch64", product_id: "curl-mini-7.60.0-4.3.1.aarch64", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-4.3.1.aarch64", product: { name: "libcurl-devel-7.60.0-4.3.1.aarch64", product_id: "libcurl-devel-7.60.0-4.3.1.aarch64", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-4.3.1.aarch64", product: { name: "libcurl-mini-devel-7.60.0-4.3.1.aarch64", product_id: "libcurl-mini-devel-7.60.0-4.3.1.aarch64", }, }, { category: "product_version", name: "libcurl4-7.60.0-4.3.1.aarch64", product: { name: "libcurl4-7.60.0-4.3.1.aarch64", product_id: "libcurl4-7.60.0-4.3.1.aarch64", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-4.3.1.aarch64", product: { name: "libcurl4-mini-7.60.0-4.3.1.aarch64", product_id: "libcurl4-mini-7.60.0-4.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libcurl-devel-64bit-7.60.0-4.3.1.aarch64_ilp32", product: { name: "libcurl-devel-64bit-7.60.0-4.3.1.aarch64_ilp32", product_id: "libcurl-devel-64bit-7.60.0-4.3.1.aarch64_ilp32", }, }, { category: "product_version", name: "libcurl4-64bit-7.60.0-4.3.1.aarch64_ilp32", product: { name: "libcurl4-64bit-7.60.0-4.3.1.aarch64_ilp32", product_id: "libcurl4-64bit-7.60.0-4.3.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "curl-7.60.0-4.3.1.i586", product: { name: "curl-7.60.0-4.3.1.i586", product_id: "curl-7.60.0-4.3.1.i586", }, }, { category: "product_version", name: "curl-mini-7.60.0-4.3.1.i586", product: { name: "curl-mini-7.60.0-4.3.1.i586", product_id: "curl-mini-7.60.0-4.3.1.i586", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-4.3.1.i586", product: { name: "libcurl-devel-7.60.0-4.3.1.i586", product_id: "libcurl-devel-7.60.0-4.3.1.i586", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-4.3.1.i586", product: { name: "libcurl-mini-devel-7.60.0-4.3.1.i586", product_id: "libcurl-mini-devel-7.60.0-4.3.1.i586", }, }, { category: "product_version", name: "libcurl4-7.60.0-4.3.1.i586", product: { name: "libcurl4-7.60.0-4.3.1.i586", product_id: "libcurl4-7.60.0-4.3.1.i586", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-4.3.1.i586", product: { name: "libcurl4-mini-7.60.0-4.3.1.i586", product_id: "libcurl4-mini-7.60.0-4.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "curl-7.60.0-4.3.1.ppc64le", product: { name: "curl-7.60.0-4.3.1.ppc64le", product_id: "curl-7.60.0-4.3.1.ppc64le", }, }, { category: "product_version", name: "curl-mini-7.60.0-4.3.1.ppc64le", product: { name: "curl-mini-7.60.0-4.3.1.ppc64le", product_id: "curl-mini-7.60.0-4.3.1.ppc64le", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-4.3.1.ppc64le", product: { name: "libcurl-devel-7.60.0-4.3.1.ppc64le", product_id: "libcurl-devel-7.60.0-4.3.1.ppc64le", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-4.3.1.ppc64le", product: { name: "libcurl-mini-devel-7.60.0-4.3.1.ppc64le", product_id: "libcurl-mini-devel-7.60.0-4.3.1.ppc64le", }, }, { category: "product_version", name: "libcurl4-7.60.0-4.3.1.ppc64le", product: { name: "libcurl4-7.60.0-4.3.1.ppc64le", product_id: "libcurl4-7.60.0-4.3.1.ppc64le", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-4.3.1.ppc64le", product: { name: "libcurl4-mini-7.60.0-4.3.1.ppc64le", product_id: "libcurl4-mini-7.60.0-4.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "curl-7.60.0-4.3.1.s390", product: { name: "curl-7.60.0-4.3.1.s390", product_id: "curl-7.60.0-4.3.1.s390", }, }, { category: "product_version", name: "curl-mini-7.60.0-4.3.1.s390", product: { name: "curl-mini-7.60.0-4.3.1.s390", product_id: "curl-mini-7.60.0-4.3.1.s390", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-4.3.1.s390", product: { name: "libcurl-devel-7.60.0-4.3.1.s390", product_id: "libcurl-devel-7.60.0-4.3.1.s390", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-4.3.1.s390", product: { name: "libcurl-mini-devel-7.60.0-4.3.1.s390", product_id: "libcurl-mini-devel-7.60.0-4.3.1.s390", }, }, { category: "product_version", name: "libcurl4-7.60.0-4.3.1.s390", product: { name: "libcurl4-7.60.0-4.3.1.s390", product_id: "libcurl4-7.60.0-4.3.1.s390", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-4.3.1.s390", product: { name: "libcurl4-mini-7.60.0-4.3.1.s390", product_id: "libcurl4-mini-7.60.0-4.3.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "curl-7.60.0-4.3.1.s390x", product: { name: "curl-7.60.0-4.3.1.s390x", product_id: "curl-7.60.0-4.3.1.s390x", }, }, { category: "product_version", name: "curl-mini-7.60.0-4.3.1.s390x", product: { name: "curl-mini-7.60.0-4.3.1.s390x", product_id: "curl-mini-7.60.0-4.3.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-4.3.1.s390x", product: { name: "libcurl-devel-7.60.0-4.3.1.s390x", product_id: "libcurl-devel-7.60.0-4.3.1.s390x", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.60.0-4.3.1.s390x", product: { name: "libcurl-devel-32bit-7.60.0-4.3.1.s390x", product_id: "libcurl-devel-32bit-7.60.0-4.3.1.s390x", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-4.3.1.s390x", product: { name: "libcurl-mini-devel-7.60.0-4.3.1.s390x", product_id: "libcurl-mini-devel-7.60.0-4.3.1.s390x", }, }, { category: "product_version", name: "libcurl4-7.60.0-4.3.1.s390x", product: { name: "libcurl4-7.60.0-4.3.1.s390x", product_id: "libcurl4-7.60.0-4.3.1.s390x", }, }, { category: "product_version", name: "libcurl4-32bit-7.60.0-4.3.1.s390x", product: { name: "libcurl4-32bit-7.60.0-4.3.1.s390x", product_id: "libcurl4-32bit-7.60.0-4.3.1.s390x", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-4.3.1.s390x", product: { name: "libcurl4-mini-7.60.0-4.3.1.s390x", product_id: "libcurl4-mini-7.60.0-4.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "curl-7.60.0-4.3.1.x86_64", product: { name: "curl-7.60.0-4.3.1.x86_64", product_id: "curl-7.60.0-4.3.1.x86_64", }, }, { category: "product_version", name: "curl-mini-7.60.0-4.3.1.x86_64", product: { name: "curl-mini-7.60.0-4.3.1.x86_64", product_id: "curl-mini-7.60.0-4.3.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-7.60.0-4.3.1.x86_64", product: { name: "libcurl-devel-7.60.0-4.3.1.x86_64", product_id: "libcurl-devel-7.60.0-4.3.1.x86_64", }, }, { category: "product_version", name: "libcurl-devel-32bit-7.60.0-4.3.1.x86_64", product: { name: "libcurl-devel-32bit-7.60.0-4.3.1.x86_64", product_id: "libcurl-devel-32bit-7.60.0-4.3.1.x86_64", }, }, { category: "product_version", name: "libcurl-mini-devel-7.60.0-4.3.1.x86_64", product: { name: "libcurl-mini-devel-7.60.0-4.3.1.x86_64", product_id: "libcurl-mini-devel-7.60.0-4.3.1.x86_64", }, }, { category: "product_version", name: "libcurl4-7.60.0-4.3.1.x86_64", product: { name: "libcurl4-7.60.0-4.3.1.x86_64", product_id: "libcurl4-7.60.0-4.3.1.x86_64", }, }, { category: "product_version", name: "libcurl4-32bit-7.60.0-4.3.1.x86_64", product: { name: "libcurl4-32bit-7.60.0-4.3.1.x86_64", product_id: "libcurl4-32bit-7.60.0-4.3.1.x86_64", }, }, { category: "product_version", name: "libcurl4-mini-7.60.0-4.3.1.x86_64", product: { name: "libcurl4-mini-7.60.0-4.3.1.x86_64", product_id: "libcurl4-mini-7.60.0-4.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP4", product: { name: "SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP4", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4", product: { name: "SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", }, product_reference: "curl-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", }, product_reference: "libcurl4-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", }, product_reference: "libcurl4-32bit-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-4.3.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", }, product_reference: "libcurl-devel-7.60.0-4.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-4.3.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", }, product_reference: "libcurl-devel-7.60.0-4.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-4.3.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", }, product_reference: "libcurl-devel-7.60.0-4.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl-devel-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", }, product_reference: "libcurl-devel-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", }, product_reference: "curl-7.60.0-4.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", }, product_reference: "curl-7.60.0-4.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", }, product_reference: "curl-7.60.0-4.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", }, product_reference: "curl-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", }, product_reference: "libcurl4-7.60.0-4.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", }, product_reference: "libcurl4-7.60.0-4.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", }, product_reference: "libcurl4-7.60.0-4.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", }, product_reference: "libcurl4-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.60.0-4.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", }, product_reference: "libcurl4-32bit-7.60.0-4.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", }, product_reference: "libcurl4-32bit-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", }, product_reference: "curl-7.60.0-4.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", }, product_reference: "curl-7.60.0-4.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", }, product_reference: "curl-7.60.0-4.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "curl-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", }, product_reference: "curl-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", }, product_reference: "libcurl4-7.60.0-4.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", }, product_reference: "libcurl4-7.60.0-4.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", }, product_reference: "libcurl4-7.60.0-4.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", }, product_reference: "libcurl4-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.60.0-4.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", }, product_reference: "libcurl4-32bit-7.60.0-4.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "libcurl4-32bit-7.60.0-4.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", }, product_reference: "libcurl4-32bit-7.60.0-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2018-16839", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16839", }, ], notes: [ { category: "general", text: "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16839", url: "https://www.suse.com/security/cve/CVE-2018-16839", }, { category: "external", summary: "SUSE Bug 1112758 for CVE-2018-16839", url: "https://bugzilla.suse.com/1112758", }, { category: "external", summary: "SUSE Bug 1113029 for CVE-2018-16839", url: "https://bugzilla.suse.com/1113029", }, { category: "external", summary: "SUSE Bug 1131886 for CVE-2018-16839", url: "https://bugzilla.suse.com/1131886", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-13T07:33:54Z", details: "moderate", }, ], title: "CVE-2018-16839", }, { cve: "CVE-2018-16840", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16840", }, ], notes: [ { category: "general", text: "A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16840", url: "https://www.suse.com/security/cve/CVE-2018-16840", }, { category: "external", summary: "SUSE Bug 1112758 for CVE-2018-16840", url: "https://bugzilla.suse.com/1112758", }, { category: "external", summary: "SUSE Bug 1113029 for CVE-2018-16840", url: "https://bugzilla.suse.com/1113029", }, { category: "external", summary: "SUSE Bug 1122464 for CVE-2018-16840", url: "https://bugzilla.suse.com/1122464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-13T07:33:54Z", details: "moderate", }, ], title: "CVE-2018-16840", }, { cve: "CVE-2018-16842", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16842", }, ], notes: [ { category: "general", text: "Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16842", url: "https://www.suse.com/security/cve/CVE-2018-16842", }, { category: "external", summary: "SUSE Bug 1113660 for CVE-2018-16842", url: "https://bugzilla.suse.com/1113660", }, { category: "external", summary: "SUSE Bug 1122464 for CVE-2018-16842", url: "https://bugzilla.suse.com/1122464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-13T07:33:54Z", details: "moderate", }, ], title: "CVE-2018-16842", }, { cve: "CVE-2018-16890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16890", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16890", url: "https://www.suse.com/security/cve/CVE-2018-16890", }, { category: "external", summary: "SUSE Bug 1123371 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123371", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2018-16890", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2018-16890", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-13T07:33:54Z", details: "low", }, ], title: "CVE-2018-16890", }, { cve: "CVE-2019-3822", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3822", }, ], notes: [ { category: "general", text: "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3822", url: "https://www.suse.com/security/cve/CVE-2019-3822", }, { category: "external", summary: "SUSE Bug 1123377 for CVE-2019-3822", url: "https://bugzilla.suse.com/1123377", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3822", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-13T07:33:54Z", details: "important", }, ], title: "CVE-2019-3822", }, { cve: "CVE-2019-3823", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3823", }, ], notes: [ { category: "general", text: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3823", url: "https://www.suse.com/security/cve/CVE-2019-3823", }, { category: "external", summary: "SUSE Bug 1123378 for CVE-2019-3823", url: "https://bugzilla.suse.com/1123378", }, { category: "external", summary: "SUSE Bug 1126909 for CVE-2019-3823", url: "https://bugzilla.suse.com/1126909", }, { category: "external", summary: "SUSE Bug 1141798 for CVE-2019-3823", url: "https://bugzilla.suse.com/1141798", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:curl-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-32bit-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libcurl4-7.60.0-4.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:libcurl-devel-7.60.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-13T07:33:54Z", details: "moderate", }, ], title: "CVE-2019-3823", }, ], }
gsd-2019-3823
Vulnerability from gsd
Modified
2023-12-13 01:24
Details
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.
Aliases
Aliases
{ GSD: { alias: "CVE-2019-3823", description: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", id: "GSD-2019-3823", references: [ "https://www.suse.com/security/cve/CVE-2019-3823.html", "https://www.debian.org/security/2019/dsa-4386", "https://access.redhat.com/errata/RHSA-2019:3701", "https://access.redhat.com/errata/RHSA-2019:1543", "https://ubuntu.com/security/CVE-2019-3823", "https://security.archlinux.org/CVE-2019-3823", "https://linux.oracle.com/cve/CVE-2019-3823.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2019-3823", ], details: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", id: "GSD-2019-3823", modified: "2023-12-13T01:24:04.042141Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3823", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "curl", version: { version_data: [ { version_value: "7.64.0", }, ], }, }, ], }, vendor_name: "The curl Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", }, ], }, impact: { cvss: [ [ { vectorString: "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-201903-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201903-03", }, { name: "DSA-4386", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4386", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", }, { name: "https://curl.haxx.se/docs/CVE-2019-3823.html", refsource: "MISC", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { name: "https://security.netapp.com/advisory/ntap-20190315-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { name: "USN-3882-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3882-1/", }, { name: "106950", refsource: "BID", url: "http://www.securityfocus.com/bid/106950", }, { name: "[infra-devnull] 20190404 [GitHub] [incubator-openwhisk-runtime-ballerina] falkzoll commented on issue #15: Update to new base image jdk8u202-b08_openj9-0.12.1.", refsource: "MLIST", url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { name: "RHSA-2019:3701", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.64.0", versionStartIncluding: "7.34.0", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3823", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "https://curl.haxx.se/docs/CVE-2019-3823.html", refsource: "MISC", tags: [ "Patch", "Vendor Advisory", ], url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", refsource: "CONFIRM", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", }, { name: "DSA-4386", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4386", }, { name: "USN-3882-1", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3882-1/", }, { name: "106950", refsource: "BID", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106950", }, { name: "GLSA-201903-03", refsource: "GENTOO", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201903-03", }, { name: "https://security.netapp.com/advisory/ntap-20190315-0001/", refsource: "CONFIRM", tags: [ "Exploit", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { name: "[infra-devnull] 20190404 [GitHub] [incubator-openwhisk-runtime-ballerina] falkzoll commented on issue #15: Update to new base image jdk8u202-b08_openj9-0.12.1.", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", refsource: "MISC", tags: [], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { name: "RHSA-2019:3701", refsource: "REDHAT", tags: [], url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", refsource: "CONFIRM", tags: [], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2021-03-09T15:15Z", publishedDate: "2019-02-06T20:29Z", }, }, }
ghsa-xmjh-hmw3-hqhr
Vulnerability from github
Published
2022-05-13 01:11
Modified
2022-05-13 01:11
Severity ?
Details
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtp_endofresp() isn't NUL terminated and contains no character ending the parsed number, and len is set to 5, then the strtol() call reads beyond the allocated buffer. The read contents will not be returned to the caller.
{ affected: [], aliases: [ "CVE-2019-3823", ], database_specific: { cwe_ids: [ "CWE-125", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2019-02-06T20:29:00Z", severity: "HIGH", }, details: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", id: "GHSA-xmjh-hmw3-hqhr", modified: "2022-05-13T01:11:27Z", published: "2022-05-13T01:11:27Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", }, { type: "WEB", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, { type: "WEB", url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { type: "WEB", url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E", }, { type: "WEB", url: "https://security.gentoo.org/glsa/201903-03", }, { type: "WEB", url: "https://security.netapp.com/advisory/ntap-20190315-0001", }, { type: "WEB", url: "https://usn.ubuntu.com/3882-1", }, { type: "WEB", url: "https://www.debian.org/security/2019/dsa-4386", }, { type: "WEB", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { type: "WEB", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { type: "WEB", url: "http://www.securityfocus.com/bid/106950", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
var-201902-0101
Vulnerability from variot
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtp_endofresp() isn't NUL terminated and contains no character ending the parsed number, and len is set to 5, then the strtol() call reads beyond the allocated buffer. The read contents will not be returned to the caller. libcurl Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. cURL/libcURL is prone to the following vulnerabilities:
1. A stack-based buffer-overflow vulnerability
2. A heap-based buffer-overflow vulnerability
Attackers can exploit these issues to cause denial-of-service conditions. Due to the nature of these issues, arbitrary code execution may be possible, but this has not been confirmed.
cURL/libcURL versions 7.36.0 through 7.63.0 are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201903-03
https://security.gentoo.org/
Severity: Normal Title: cURL: Multiple vulnerabilities Date: March 10, 2019 Bugs: #665292, #670026, #677346 ID: 201903-03
Synopsis
Multiple vulnerabilities have been found in cURL, the worst of which could result in a Denial of Service condition.
Background
A command line tool and library for transferring data with URLs.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/curl < 7.64.0 >= 7.64.0
Description
Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All cURL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/curl-7.64.0"
References
[ 1 ] CVE-2018-14618 https://nvd.nist.gov/vuln/detail/CVE-2018-14618 [ 2 ] CVE-2018-16839 https://nvd.nist.gov/vuln/detail/CVE-2018-16839 [ 3 ] CVE-2018-16840 https://nvd.nist.gov/vuln/detail/CVE-2018-16840 [ 4 ] CVE-2018-16842 https://nvd.nist.gov/vuln/detail/CVE-2018-16842 [ 5 ] CVE-2019-3822 https://nvd.nist.gov/vuln/detail/CVE-2019-3822 [ 6 ] CVE-2019-3823 https://nvd.nist.gov/vuln/detail/CVE-2019-3823
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201903-03
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 .
CVE-2018-16890
Wenxiang Qian of Tencent Blade Team discovered that the function
handling incoming NTLM type-2 messages does not validate incoming
data correctly and is subject to an integer overflow vulnerability,
which could lead to an out-of-bounds buffer read.
CVE-2019-3822
Wenxiang Qian of Tencent Blade Team discovered that the function
creating an outgoing NTLM type-3 header is subject to an integer
overflow vulnerability, which could lead to an out-of-bounds write.
For the stable distribution (stretch), these problems have been fixed in version 7.52.1-5+deb9u9.
We recommend that you upgrade your curl packages.
For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAlxbSaAACgkQbwzL4CFi RygmtA/9HlrFg7QuCYikB1GTMvAfWtmk8vV19wr+zXcG4zxjC5MSubJStmg6Fhn7 Hl4Ar+UpqF79IM02yw4drAhci7BksQtGw/akExCDtI/+jw+BeHyHSR0GApwNlrIp k1t0c/ExxLKAPQKB4hxuxs0FdZGiJxO02Ld39O4PVf9c7IkBu0bRcbVbEajvIggh RFZN8HmUaqcN57MXu1Jrb9J0XWCyiGHjqEwBY0Q7/SI7cDuV5o8LiRFBeF/J2ByZ cSW7C980qQ9t1pru3BCAoAJxX7hl+fJPxub7oeZ1FehuQKMhxS/x2vQVgG6ni02z dccgYs+JVAaLhfqMUVNdieMwvyUuVbGsLVJ15HFRs8WGMlq9qRuHVfKBteZGPkHm zXbMaQ8lndNUN/El9JmaL4EEz4yIF/ZyQaniXGLu7iUPHtlJsFSl6Rjjc6q1Fg1u rAH4xNX2G4XV6MLH0LaQmaNgSLXSQn/er7QaUFEjCkzlRGob3DXWqexB2RhyNmp2 Hg5CrMT1d9VWFXS40CdiccPK+Bu0sEwuyzHWJMAQ2gRZ8Wv5MbqqOH8T9yLwXEgB u3MnQsWHs8nNKGs/ca6y6sRFMNhjVTA1Xwe12ZrO5UqZmpZJHgmSYEslboaLffGa zi3ucm1DATRJcTbMYvpZhS60QjkYr2nXgBwYYABTb2ZvDOTE6j4ILC -----END PGP SIGNATURE----- . Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Security Fix(es):
-
golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)
-
SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)
-
grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen (CVE-2018-18624)
-
js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
-
npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)
-
kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)
-
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or proto payload (CVE-2020-7598)
-
npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)
-
nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)
-
jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
-
jQuery: passing HTML containing elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
-
grafana: stored XSS (CVE-2020-11110)
-
grafana: XSS annotation popup vulnerability (CVE-2020-12052)
-
grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)
-
nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)
-
golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
-
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)
-
openshift/console: text injection on error page via crafted url (CVE-2020-10715)
-
kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)
-
openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution:
For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13) 1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection 1767665 - CVE-2020-10715 openshift/console: text injection on error page via crafted url 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or proto payload 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1834550 - CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking 1845982 - CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser 1848089 - CVE-2020-12052 grafana: XSS annotation popup vulnerability 1848092 - CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions 1848643 - CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip 1848647 - CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures 1849044 - CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) 1850004 - CVE-2020-11023 jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution 1850572 - CVE-2018-18624 grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1857412 - CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function 1857977 - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function 1858981 - CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets 1861044 - CVE-2020-11110 grafana: stored XSS 1874671 - CVE-2020-14336 ose-machine-config-operator-container: openshift: restricted SCC allows pods to craft custom network packets [openshift-4]
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: curl security and bug fix update Advisory ID: RHSA-2019:3701-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3701 Issue date: 2019-11-05 CVE Names: CVE-2018-16890 CVE-2018-20483 CVE-2019-3822 CVE-2019-3823 =====================================================================
- Summary:
An update for curl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
-
curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)
-
wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)
-
curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)
-
curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1662705 - CVE-2018-20483 wget: Information exposure in set_file_metadata function in xattr.c 1669156 - connection re-use does not work for SCP and SFTP 1670252 - CVE-2018-16890 curl: NTLM type-2 heap out-of-bounds buffer read 1670254 - CVE-2019-3822 curl: NTLMv2 type-3 header stack buffer overflow 1670256 - CVE-2019-3823 curl: SMTP end-of-response out-of-bounds read
- Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source: curl-7.61.1-11.el8.src.rpm
aarch64: curl-7.61.1-11.el8.aarch64.rpm curl-debuginfo-7.61.1-11.el8.aarch64.rpm curl-debugsource-7.61.1-11.el8.aarch64.rpm curl-minimal-debuginfo-7.61.1-11.el8.aarch64.rpm libcurl-7.61.1-11.el8.aarch64.rpm libcurl-debuginfo-7.61.1-11.el8.aarch64.rpm libcurl-devel-7.61.1-11.el8.aarch64.rpm libcurl-minimal-7.61.1-11.el8.aarch64.rpm libcurl-minimal-debuginfo-7.61.1-11.el8.aarch64.rpm
ppc64le: curl-7.61.1-11.el8.ppc64le.rpm curl-debuginfo-7.61.1-11.el8.ppc64le.rpm curl-debugsource-7.61.1-11.el8.ppc64le.rpm curl-minimal-debuginfo-7.61.1-11.el8.ppc64le.rpm libcurl-7.61.1-11.el8.ppc64le.rpm libcurl-debuginfo-7.61.1-11.el8.ppc64le.rpm libcurl-devel-7.61.1-11.el8.ppc64le.rpm libcurl-minimal-7.61.1-11.el8.ppc64le.rpm libcurl-minimal-debuginfo-7.61.1-11.el8.ppc64le.rpm
s390x: curl-7.61.1-11.el8.s390x.rpm curl-debuginfo-7.61.1-11.el8.s390x.rpm curl-debugsource-7.61.1-11.el8.s390x.rpm curl-minimal-debuginfo-7.61.1-11.el8.s390x.rpm libcurl-7.61.1-11.el8.s390x.rpm libcurl-debuginfo-7.61.1-11.el8.s390x.rpm libcurl-devel-7.61.1-11.el8.s390x.rpm libcurl-minimal-7.61.1-11.el8.s390x.rpm libcurl-minimal-debuginfo-7.61.1-11.el8.s390x.rpm
x86_64: curl-7.61.1-11.el8.x86_64.rpm curl-debuginfo-7.61.1-11.el8.i686.rpm curl-debuginfo-7.61.1-11.el8.x86_64.rpm curl-debugsource-7.61.1-11.el8.i686.rpm curl-debugsource-7.61.1-11.el8.x86_64.rpm curl-minimal-debuginfo-7.61.1-11.el8.i686.rpm curl-minimal-debuginfo-7.61.1-11.el8.x86_64.rpm libcurl-7.61.1-11.el8.i686.rpm libcurl-7.61.1-11.el8.x86_64.rpm libcurl-debuginfo-7.61.1-11.el8.i686.rpm libcurl-debuginfo-7.61.1-11.el8.x86_64.rpm libcurl-devel-7.61.1-11.el8.i686.rpm libcurl-devel-7.61.1-11.el8.x86_64.rpm libcurl-minimal-7.61.1-11.el8.i686.rpm libcurl-minimal-7.61.1-11.el8.x86_64.rpm libcurl-minimal-debuginfo-7.61.1-11.el8.i686.rpm libcurl-minimal-debuginfo-7.61.1-11.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-16890 https://access.redhat.com/security/cve/CVE-2018-20483 https://access.redhat.com/security/cve/CVE-2019-3822 https://access.redhat.com/security/cve/CVE-2019-3823 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXcHzVtzjgjWX9erEAQjvzw/+OUU07vnIT/4FS8aZD7Z8yUMYBwGhlMYm jIfVcRL/CuCe64zoTLyPhU3qJGuj84Fdx5ryxWglnimoERd3VXMZ5OZSPz8w738j owx9pN0gVooc5MGykJm9OP27BeXU4ZceWtvX5L2jRPvSzvlTavUfwfQ7rjFuxK1A FfNoJurwBKLowh31BBZjuak6GZ6YBH9kY3vAS5BUZxuijSS8zIsnOvFwgB152p56 tvJN7/Rtwh56msrg/AF/HLCneOs8LH+k3VWs4tucW/cSbzFSJPXeiZyVBCxj60FW jlIcOH8Joo79HVenK8TWw9rpd1QIaNwh84DmVXoKR2GKt4DL8ZFeL5oqHN8A2OkO I5G2DHgaE3sgOkTKiCoUzQrIIfRmwEfqYPw3SGZZhXIVbbWtlQ01xERMIunamXE2 Rfk2zd8M7HB+c2hiRD842wnULCAINY/w6e8J4g6kZQ4tn+eIKTwB7pVUzROMwBNq OKJFm8reEYOtgH3q+xmg13N1jkynTgFlcgLQ1ua+nS8o6fJE/23lgMdJY/oUXgnc szJLxMAySEePZF0QI9f8hedm+D5hGzkRB3KYqkv8OagSW0G2RAxadoLdl5qH5Doq l4gaFPgMIKK9yxnj+8gm7zsZiUNdebj5+c4eU7OZ1s98tzPQ3/W39m/8tNM3ueB0 PK6rxvdCr2I= =8Z+p -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-3882-1 February 06, 2019
curl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in curl. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-16890)
Wenxiang Qian discovered that curl incorrectly handled certain NTLMv2 authentication messages. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2019-3822)
Brian Carpenter discovered that curl incorrectly handled certain SMTP responses. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. (CVE-2019-3823)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10: curl 7.61.0-1ubuntu2.3 libcurl3-gnutls 7.61.0-1ubuntu2.3 libcurl3-nss 7.61.0-1ubuntu2.3 libcurl4 7.61.0-1ubuntu2.3
Ubuntu 18.04 LTS: curl 7.58.0-2ubuntu3.6 libcurl3-gnutls 7.58.0-2ubuntu3.6 libcurl3-nss 7.58.0-2ubuntu3.6 libcurl4 7.58.0-2ubuntu3.6
Ubuntu 16.04 LTS: curl 7.47.0-1ubuntu2.12 libcurl3 7.47.0-1ubuntu2.12 libcurl3-gnutls 7.47.0-1ubuntu2.12 libcurl3-nss 7.47.0-1ubuntu2.12
Ubuntu 14.04 LTS: curl 7.35.0-1ubuntu2.20 libcurl3 7.35.0-1ubuntu2.20 libcurl3-gnutls 7.35.0-1ubuntu2.20 libcurl3-nss 7.35.0-1ubuntu2.20
In general, a standard system update will make all the necessary changes.
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/curl-7.64.0-i586-1_slack14.2.txz: Upgraded. This release fixes the following security issues: NTLM type-2 out-of-bounds buffer read. NTLMv2 type-3 header stack buffer overflow. SMTP end-of-response out-of-bounds read. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.64.0-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.64.0-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.64.0-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.64.0-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/curl-7.64.0-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/curl-7.64.0-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.64.0-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.64.0-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 package: 94fb3c50acd4f7640ca62ed6d18512c6 curl-7.64.0-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 4c21f7f6b2529badfd6c43c08a43df18 curl-7.64.0-x86_64-1_slack14.0.txz
Slackware 14.1 package: e57b9b6125d0ffd54ce56ed9cbc32fb5 curl-7.64.0-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: f599f0dca7cf5e1839204ab6a6cdcbb1 curl-7.64.0-x86_64-1_slack14.1.txz
Slackware 14.2 package: 357b50273d07ae2deef0958d8f5b5afa curl-7.64.0-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 6c259df05c840f74dc4b3a84c6d4f212 curl-7.64.0-x86_64-1_slack14.2.txz
Slackware -current package: 9fa3ea811b5c4cca6382d7e18b2845a2 n/curl-7.64.0-i586-1.txz
Slackware x86_64 -current package: 869267a25c87036e7c9c909d2f3891c9 n/curl-7.64.0-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg curl-7.64.0-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201902-0101", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "secure global desktop", scope: "eq", trust: 1.3, vendor: "oracle", version: "5.4", }, { model: "http server", scope: "eq", trust: 1.3, vendor: "oracle", version: "12.2.1.3.0", }, { model: "communications operations monitor", scope: "eq", trust: 1.3, vendor: "oracle", version: "4.0", }, { model: "communications operations monitor", scope: "eq", trust: 1.3, vendor: "oracle", version: "3.4", }, { model: "libcurl", scope: "lt", trust: 1, vendor: "haxx", version: "7.64.0", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "14.04", }, { model: "libcurl", scope: "gte", trust: 1, vendor: "haxx", version: "7.34.0", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "18.10", }, { model: "clustered data ontap", scope: "eq", trust: 1, vendor: "netapp", version: "*", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "18.04", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "16.04", }, { model: "ubuntu", scope: null, trust: 0.8, vendor: "canonical", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "libcurl", scope: null, trust: 0.8, vendor: "haxx", version: null, }, { model: "clustered data ontap", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "linux", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "18.10", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "18.04", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "16.04", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "14.04", }, { model: "sinema remote connect client", scope: "eq", trust: 0.3, vendor: "siemens", version: "1.0", }, { model: "software collections for rhel", scope: "eq", trust: 0.3, vendor: "redhat", version: "0", }, { model: "services tools bundle", scope: "eq", trust: 0.3, vendor: "oracle", version: "19.2", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.0.15", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.0.14", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.0.13", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.0.12", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.0.11", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.26", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.25", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.24", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.23", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.22", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.21", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.20", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.19", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.18", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.17", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.16", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.15", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7.12", }, { model: "mysql server", scope: "eq", trust: 0.3, vendor: "oracle", version: "5.7", }, { model: "enterprise manager ops center", scope: "eq", trust: 0.3, vendor: "oracle", version: "12.4", }, { model: "enterprise manager ops center", scope: "eq", trust: 0.3, vendor: "oracle", version: "12.3.3", }, { model: "clustered data ontap", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.63", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.62", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.61.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.61", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.60", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.59", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.58", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.57", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.56.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.56", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.55.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.54.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.54", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.53.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.53", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.52", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.51", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.50.3", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.50.2", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.50.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.50", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.47", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.46", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.43", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.42.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.36", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.55.0", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.52.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.49.0", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.48.0", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.42.0", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.41.0", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.40.0", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.39", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.38.0", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.37.1", }, { model: "libcurl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.37.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.62", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.61.1", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.61", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.60", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.59", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.58", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.56.1", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.56", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.55.1", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.55", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.54.1", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.54", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.53.1", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.53", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.52", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.51", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.50.3", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.50", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.47", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.46", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.45", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.43", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.42.1", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.36", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.63.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.57.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.52.1", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.50.1", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.49.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.48.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.42.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.41.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.40.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.39.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.38.0", }, { model: "curl", scope: "eq", trust: 0.3, vendor: "haxx", version: "7.37.1", }, { model: "sinema remote connect client hf1", scope: "ne", trust: 0.3, vendor: "siemens", version: "2.0", }, { model: "libcurl", scope: "ne", trust: 0.3, vendor: "haxx", version: "7.64", }, { model: "curl", scope: "ne", trust: 0.3, vendor: "haxx", version: "7.64.0", }, ], sources: [ { db: "BID", id: "106950", }, { db: "JVNDB", id: "JVNDB-2019-001681", }, { db: "NVD", id: "CVE-2019-3823", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:canonical:ubuntu_linux", vulnerable: true, }, { cpe22Uri: "cpe:/o:debian:debian_linux", vulnerable: true, }, { cpe22Uri: "cpe:/a:haxx:libcurl", vulnerable: true, }, { cpe22Uri: "cpe:/o:netapp:clustered_data_ontap", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-001681", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Brian Carpenter, Geeknik Labs and Wenxiang Qian from Tencent Blade Team.,Gentoo", sources: [ { db: "CNNVD", id: "CNNVD-201902-125", }, ], trust: 0.6, }, cve: "CVE-2019-3823", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2019-3823", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2019-3823", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "secalert@redhat.com", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2019-3823", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-3823", trust: 1, value: "HIGH", }, { author: "secalert@redhat.com", id: "CVE-2019-3823", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2019-3823", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-201902-125", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-3823", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2019-3823", }, { db: "JVNDB", id: "JVNDB-2019-001681", }, { db: "CNNVD", id: "CNNVD-201902-125", }, { db: "NVD", id: "CVE-2019-3823", }, { db: "NVD", id: "CVE-2019-3823", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller. libcurl Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. cURL/libcURL is prone to the following vulnerabilities:\n1. A stack-based buffer-overflow vulnerability\n2. A heap-based buffer-overflow vulnerability\nAttackers can exploit these issues to cause denial-of-service conditions. Due to the nature of these issues, arbitrary code execution may be possible, but this has not been confirmed. \ncURL/libcURL versions 7.36.0 through 7.63.0 are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201903-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: cURL: Multiple vulnerabilities\n Date: March 10, 2019\n Bugs: #665292, #670026, #677346\n ID: 201903-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in cURL, the worst of which\ncould result in a Denial of Service condition. \n\nBackground\n==========\n\nA command line tool and library for transferring data with URLs. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/curl < 7.64.0 >= 7.64.0 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in cURL. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll cURL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/curl-7.64.0\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-14618\n https://nvd.nist.gov/vuln/detail/CVE-2018-14618\n[ 2 ] CVE-2018-16839\n https://nvd.nist.gov/vuln/detail/CVE-2018-16839\n[ 3 ] CVE-2018-16840\n https://nvd.nist.gov/vuln/detail/CVE-2018-16840\n[ 4 ] CVE-2018-16842\n https://nvd.nist.gov/vuln/detail/CVE-2018-16842\n[ 5 ] CVE-2019-3822\n https://nvd.nist.gov/vuln/detail/CVE-2019-3822\n[ 6 ] CVE-2019-3823\n https://nvd.nist.gov/vuln/detail/CVE-2019-3823\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201903-03\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2019 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. \n\nCVE-2018-16890\n\n Wenxiang Qian of Tencent Blade Team discovered that the function\n handling incoming NTLM type-2 messages does not validate incoming\n data correctly and is subject to an integer overflow vulnerability,\n which could lead to an out-of-bounds buffer read. \n\nCVE-2019-3822\n\n Wenxiang Qian of Tencent Blade Team discovered that the function\n creating an outgoing NTLM type-3 header is subject to an integer\n overflow vulnerability, which could lead to an out-of-bounds write. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 7.52.1-5+deb9u9. \n\nWe recommend that you upgrade your curl packages. \n\nFor the detailed security status of curl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/curl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAlxbSaAACgkQbwzL4CFi\nRygmtA/9HlrFg7QuCYikB1GTMvAfWtmk8vV19wr+zXcG4zxjC5MSubJStmg6Fhn7\nHl4Ar+UpqF79IM02yw4drAhci7BksQtGw/akExCDtI/+jw+BeHyHSR0GApwNlrIp\nk1t0c/ExxLKAPQKB4hxuxs0FdZGiJxO02Ld39O4PVf9c7IkBu0bRcbVbEajvIggh\nRFZN8HmUaqcN57MXu1Jrb9J0XWCyiGHjqEwBY0Q7/SI7cDuV5o8LiRFBeF/J2ByZ\ncSW7C980qQ9t1pru3BCAoAJxX7hl+fJPxub7oeZ1FehuQKMhxS/x2vQVgG6ni02z\ndccgYs+JVAaLhfqMUVNdieMwvyUuVbGsLVJ15HFRs8WGMlq9qRuHVfKBteZGPkHm\nzXbMaQ8lndNUN/El9JmaL4EEz4yIF/ZyQaniXGLu7iUPHtlJsFSl6Rjjc6q1Fg1u\nrAH4xNX2G4XV6MLH0LaQmaNgSLXSQn/er7QaUFEjCkzlRGob3DXWqexB2RhyNmp2\nHg5CrMT1d9VWFXS40CdiccPK+Bu0sEwuyzHWJMAQ2gRZ8Wv5MbqqOH8T9yLwXEgB\nu3MnQsWHs8nNKGs/ca6y6sRFMNhjVTA1Xwe12ZrO5UqZmpZJHgmSYEslboaLffGa\nzi3ucm1DATRJcTbMYvpZhS60QjkYr2nXgBwYYABTb2ZvDOTE6j4ILC\n-----END PGP SIGNATURE-----\n. Description:\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows\nfor panic (CVE-2020-9283)\n\n* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)\n\n* grafana: XSS vulnerability via a column style on the \"Dashboard > Table\nPanel\" screen (CVE-2018-18624)\n\n* js-jquery: prototype pollution in object's prototype leading to denial of\nservice or remote code execution or property injection (CVE-2019-11358)\n\n* npm-serialize-javascript: XSS via unsafe characters in serialized regular\nexpressions (CVE-2019-16769)\n\n* kibana: Prototype pollution in TSVB could result in arbitrary code\nexecution (ESA-2020-06) (CVE-2020-7013)\n\n* nodejs-minimist: prototype pollution allows adding or modifying\nproperties of Object.prototype using a constructor or __proto__ payload\n(CVE-2020-7598)\n\n* npmjs-websocket-extensions: ReDoS vulnerability in\nSec-WebSocket-Extensions parser (CVE-2020-7662)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function\n(CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter\nmethod (CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods\ncould result in untrusted code execution (CVE-2020-11023)\n\n* grafana: stored XSS (CVE-2020-11110)\n\n* grafana: XSS annotation popup vulnerability (CVE-2020-12052)\n\n* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)\n\n* nodejs-elliptic: improper encoding checks allows a certain degree of\nsignature malleability in ECDSA signatures (CVE-2020-13822)\n\n* golang.org/x/text: possibility to trigger an infinite loop in\nencoding/unicode could lead to crash (CVE-2020-14040)\n\n* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate\nfunction (CVE-2020-15366)\n\n* openshift/console: text injection on error page via crafted url\n(CVE-2020-10715)\n\n* kibana: X-Frame-Option not set by default might lead to clickjacking\n(CVE-2020-10743)\n\n* openshift: restricted SCC allows pods to craft custom network packets\n(CVE-2020-14336)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Solution:\n\nFor OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):\n\n907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)\n1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection\n1767665 - CVE-2020-10715 openshift/console: text injection on error page via crafted url\n1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic\n1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload\n1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n1834550 - CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking\n1845982 - CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser\n1848089 - CVE-2020-12052 grafana: XSS annotation popup vulnerability\n1848092 - CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions\n1848643 - CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip\n1848647 - CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures\n1849044 - CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)\n1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution\n1850572 - CVE-2018-18624 grafana: XSS vulnerability via a column style on the \"Dashboard > Table Panel\" screen\n1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash\n1857412 - CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function\n1857977 - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function\n1858981 - CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets\n1861044 - CVE-2020-11110 grafana: stored XSS\n1874671 - CVE-2020-14336 ose-machine-config-operator-container: openshift: restricted SCC allows pods to craft custom network packets [openshift-4]\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: curl security and bug fix update\nAdvisory ID: RHSA-2019:3701-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3701\nIssue date: 2019-11-05\nCVE Names: CVE-2018-16890 CVE-2018-20483 CVE-2019-3822 \n CVE-2019-3823 \n=====================================================================\n\n1. Summary:\n\nAn update for curl is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP. \n\nSecurity Fix(es):\n\n* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)\n\n* wget: Information exposure in set_file_metadata function in xattr.c\n(CVE-2018-20483)\n\n* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)\n\n* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1662705 - CVE-2018-20483 wget: Information exposure in set_file_metadata function in xattr.c\n1669156 - connection re-use does not work for SCP and SFTP\n1670252 - CVE-2018-16890 curl: NTLM type-2 heap out-of-bounds buffer read\n1670254 - CVE-2019-3822 curl: NTLMv2 type-3 header stack buffer overflow\n1670256 - CVE-2019-3823 curl: SMTP end-of-response out-of-bounds read\n\n6. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\ncurl-7.61.1-11.el8.src.rpm\n\naarch64:\ncurl-7.61.1-11.el8.aarch64.rpm\ncurl-debuginfo-7.61.1-11.el8.aarch64.rpm\ncurl-debugsource-7.61.1-11.el8.aarch64.rpm\ncurl-minimal-debuginfo-7.61.1-11.el8.aarch64.rpm\nlibcurl-7.61.1-11.el8.aarch64.rpm\nlibcurl-debuginfo-7.61.1-11.el8.aarch64.rpm\nlibcurl-devel-7.61.1-11.el8.aarch64.rpm\nlibcurl-minimal-7.61.1-11.el8.aarch64.rpm\nlibcurl-minimal-debuginfo-7.61.1-11.el8.aarch64.rpm\n\nppc64le:\ncurl-7.61.1-11.el8.ppc64le.rpm\ncurl-debuginfo-7.61.1-11.el8.ppc64le.rpm\ncurl-debugsource-7.61.1-11.el8.ppc64le.rpm\ncurl-minimal-debuginfo-7.61.1-11.el8.ppc64le.rpm\nlibcurl-7.61.1-11.el8.ppc64le.rpm\nlibcurl-debuginfo-7.61.1-11.el8.ppc64le.rpm\nlibcurl-devel-7.61.1-11.el8.ppc64le.rpm\nlibcurl-minimal-7.61.1-11.el8.ppc64le.rpm\nlibcurl-minimal-debuginfo-7.61.1-11.el8.ppc64le.rpm\n\ns390x:\ncurl-7.61.1-11.el8.s390x.rpm\ncurl-debuginfo-7.61.1-11.el8.s390x.rpm\ncurl-debugsource-7.61.1-11.el8.s390x.rpm\ncurl-minimal-debuginfo-7.61.1-11.el8.s390x.rpm\nlibcurl-7.61.1-11.el8.s390x.rpm\nlibcurl-debuginfo-7.61.1-11.el8.s390x.rpm\nlibcurl-devel-7.61.1-11.el8.s390x.rpm\nlibcurl-minimal-7.61.1-11.el8.s390x.rpm\nlibcurl-minimal-debuginfo-7.61.1-11.el8.s390x.rpm\n\nx86_64:\ncurl-7.61.1-11.el8.x86_64.rpm\ncurl-debuginfo-7.61.1-11.el8.i686.rpm\ncurl-debuginfo-7.61.1-11.el8.x86_64.rpm\ncurl-debugsource-7.61.1-11.el8.i686.rpm\ncurl-debugsource-7.61.1-11.el8.x86_64.rpm\ncurl-minimal-debuginfo-7.61.1-11.el8.i686.rpm\ncurl-minimal-debuginfo-7.61.1-11.el8.x86_64.rpm\nlibcurl-7.61.1-11.el8.i686.rpm\nlibcurl-7.61.1-11.el8.x86_64.rpm\nlibcurl-debuginfo-7.61.1-11.el8.i686.rpm\nlibcurl-debuginfo-7.61.1-11.el8.x86_64.rpm\nlibcurl-devel-7.61.1-11.el8.i686.rpm\nlibcurl-devel-7.61.1-11.el8.x86_64.rpm\nlibcurl-minimal-7.61.1-11.el8.i686.rpm\nlibcurl-minimal-7.61.1-11.el8.x86_64.rpm\nlibcurl-minimal-debuginfo-7.61.1-11.el8.i686.rpm\nlibcurl-minimal-debuginfo-7.61.1-11.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-16890\nhttps://access.redhat.com/security/cve/CVE-2018-20483\nhttps://access.redhat.com/security/cve/CVE-2019-3822\nhttps://access.redhat.com/security/cve/CVE-2019-3823\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXcHzVtzjgjWX9erEAQjvzw/+OUU07vnIT/4FS8aZD7Z8yUMYBwGhlMYm\njIfVcRL/CuCe64zoTLyPhU3qJGuj84Fdx5ryxWglnimoERd3VXMZ5OZSPz8w738j\nowx9pN0gVooc5MGykJm9OP27BeXU4ZceWtvX5L2jRPvSzvlTavUfwfQ7rjFuxK1A\nFfNoJurwBKLowh31BBZjuak6GZ6YBH9kY3vAS5BUZxuijSS8zIsnOvFwgB152p56\ntvJN7/Rtwh56msrg/AF/HLCneOs8LH+k3VWs4tucW/cSbzFSJPXeiZyVBCxj60FW\njlIcOH8Joo79HVenK8TWw9rpd1QIaNwh84DmVXoKR2GKt4DL8ZFeL5oqHN8A2OkO\nI5G2DHgaE3sgOkTKiCoUzQrIIfRmwEfqYPw3SGZZhXIVbbWtlQ01xERMIunamXE2\nRfk2zd8M7HB+c2hiRD842wnULCAINY/w6e8J4g6kZQ4tn+eIKTwB7pVUzROMwBNq\nOKJFm8reEYOtgH3q+xmg13N1jkynTgFlcgLQ1ua+nS8o6fJE/23lgMdJY/oUXgnc\nszJLxMAySEePZF0QI9f8hedm+D5hGzkRB3KYqkv8OagSW0G2RAxadoLdl5qH5Doq\nl4gaFPgMIKK9yxnj+8gm7zsZiUNdebj5+c4eU7OZ1s98tzPQ3/W39m/8tNM3ueB0\nPK6rxvdCr2I=\n=8Z+p\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-3882-1\nFebruary 06, 2019\n\ncurl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.10\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in curl. A remote attacker could possibly use this issue to\ncause curl to crash, resulting in a denial of service. This issue only\napplied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. \n(CVE-2018-16890)\n\nWenxiang Qian discovered that curl incorrectly handled certain NTLMv2\nauthentication messages. A remote attacker could use this issue to cause\ncurl to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04\nLTS, and Ubuntu 18.10. (CVE-2019-3822)\n\nBrian Carpenter discovered that curl incorrectly handled certain SMTP\nresponses. A remote attacker could possibly use this issue to cause curl to\ncrash, resulting in a denial of service. (CVE-2019-3823)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.10:\n curl 7.61.0-1ubuntu2.3\n libcurl3-gnutls 7.61.0-1ubuntu2.3\n libcurl3-nss 7.61.0-1ubuntu2.3\n libcurl4 7.61.0-1ubuntu2.3\n\nUbuntu 18.04 LTS:\n curl 7.58.0-2ubuntu3.6\n libcurl3-gnutls 7.58.0-2ubuntu3.6\n libcurl3-nss 7.58.0-2ubuntu3.6\n libcurl4 7.58.0-2ubuntu3.6\n\nUbuntu 16.04 LTS:\n curl 7.47.0-1ubuntu2.12\n libcurl3 7.47.0-1ubuntu2.12\n libcurl3-gnutls 7.47.0-1ubuntu2.12\n libcurl3-nss 7.47.0-1ubuntu2.12\n\nUbuntu 14.04 LTS:\n curl 7.35.0-1ubuntu2.20\n libcurl3 7.35.0-1ubuntu2.20\n libcurl3-gnutls 7.35.0-1ubuntu2.20\n libcurl3-nss 7.35.0-1ubuntu2.20\n\nIn general, a standard system update will make all the necessary changes. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/curl-7.64.0-i586-1_slack14.2.txz: Upgraded. \n This release fixes the following security issues:\n NTLM type-2 out-of-bounds buffer read. \n NTLMv2 type-3 header stack buffer overflow. \n SMTP end-of-response out-of-bounds read. \n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.64.0-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.64.0-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.64.0-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.64.0-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/curl-7.64.0-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/curl-7.64.0-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.64.0-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.64.0-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\n94fb3c50acd4f7640ca62ed6d18512c6 curl-7.64.0-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n4c21f7f6b2529badfd6c43c08a43df18 curl-7.64.0-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\ne57b9b6125d0ffd54ce56ed9cbc32fb5 curl-7.64.0-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nf599f0dca7cf5e1839204ab6a6cdcbb1 curl-7.64.0-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n357b50273d07ae2deef0958d8f5b5afa curl-7.64.0-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n6c259df05c840f74dc4b3a84c6d4f212 curl-7.64.0-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n9fa3ea811b5c4cca6382d7e18b2845a2 n/curl-7.64.0-i586-1.txz\n\nSlackware x86_64 -current package:\n869267a25c87036e7c9c909d2f3891c9 n/curl-7.64.0-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg curl-7.64.0-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address", sources: [ { db: "NVD", id: "CVE-2019-3823", }, { db: "JVNDB", id: "JVNDB-2019-001681", }, { db: "BID", id: "106950", }, { db: "VULMON", id: "CVE-2019-3823", }, { db: "PACKETSTORM", id: "152034", }, { db: "PACKETSTORM", id: "151568", }, { db: "PACKETSTORM", id: "159727", }, { db: "PACKETSTORM", id: "155162", }, { db: "PACKETSTORM", id: "151566", }, { db: "PACKETSTORM", id: "151569", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-3823", trust: 3.4, }, { db: "BID", id: "106950", trust: 2, }, { db: "SIEMENS", id: "SSA-936080", trust: 1.7, }, { db: "SIEMENS", id: "SSA-436177", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-19-099-04", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2019-001681", trust: 0.8, }, { db: "PACKETSTORM", id: "152034", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.1084", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0846", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3700", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.0381.3", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-068-10", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201902-125", trust: 0.6, }, { db: "VULMON", id: "CVE-2019-3823", trust: 0.1, }, { db: "PACKETSTORM", id: "151568", trust: 0.1, }, { db: "PACKETSTORM", id: "159727", trust: 0.1, }, { db: "PACKETSTORM", id: "155162", trust: 0.1, }, { db: "PACKETSTORM", id: "151566", trust: 0.1, }, { db: "PACKETSTORM", id: "151569", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2019-3823", }, { db: "BID", id: "106950", }, { db: "JVNDB", id: "JVNDB-2019-001681", }, { db: "PACKETSTORM", id: "152034", }, { db: "PACKETSTORM", id: "151568", }, { db: "PACKETSTORM", id: "159727", }, { db: "PACKETSTORM", id: "155162", }, { db: "PACKETSTORM", id: "151566", }, { db: "PACKETSTORM", id: "151569", }, { db: "CNNVD", id: "CNNVD-201902-125", }, { db: "NVD", id: "CVE-2019-3823", }, ], }, id: "VAR-201902-0101", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.71363634, }, last_update_date: "2024-11-23T19:40:51.276000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "DSA-4386", trust: 0.8, url: "https://www.debian.org/security/2019/dsa-4386", }, { title: "NTAP-20190315-0001", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { title: "SMTP end-of-response out-of-bounds read", trust: 0.8, url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { title: "USN-3882-1", trust: 0.8, url: "https://usn.ubuntu.com/3882-1/", }, { title: "Red Hat: Moderate: curl security and bug fix update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193701 - Security Advisory", }, { title: "Red Hat: CVE-2019-3823", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2019-3823", }, { title: "Ubuntu Security Notice: curl vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3882-1", }, { title: "Arch Linux Issues: ", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2019-3823", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=17333d813b4221a6afc6ca8faac611f6", }, { title: "Arch Linux Advisories: [ASA-201902-13] lib32-curl: arbitrary code execution", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201902-13", }, { title: "Arch Linux Advisories: [ASA-201902-9] curl: arbitrary code execution", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201902-9", }, { title: "Arch Linux Advisories: [ASA-201902-10] libcurl-gnutls: arbitrary code execution", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201902-10", }, { title: "Arch Linux Advisories: [ASA-201902-12] lib32-libcurl-compat: arbitrary code execution", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201902-12", }, { title: "Arch Linux Advisories: [ASA-201902-11] lib32-libcurl-gnutls: arbitrary code execution", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201902-11", }, { title: "IBM: IBM Security Bulletin: IBM Event Streams is affected by cURL vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=22decc09aeaa3dba577a38ac2ead2bac", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=8a056bd2177d12192b11798b7ac3e013", }, { title: "Amazon Linux 2: ALAS2-2019-1162", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1162", }, { title: "IBM: IBM Security Bulletin: BigFix Platform 9.5.x / 9.2.x affected by multiple vulnerabilities (CVE-2018-16839, CVE-2018-16842, CVE-2018-16840, CVE-2019-3823, CVE-2019-3822, CVE-2018-16890, CVE-2019-4011, CVE-2018-2005, CVE-2019-4058, CVE-2019-1559)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=0b05dc856c1be71db871bcea94f6fa8d", }, { title: "Red Hat: Moderate: OpenShift Container Platform 4.6.1 image security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204298 - Security Advisory", }, { title: "TrivyWeb", trust: 0.1, url: "https://github.com/KorayAgaya/TrivyWeb ", }, { title: "cve", trust: 0.1, url: "https://github.com/michwqy/cve ", }, { title: "github_aquasecurity_trivy", trust: 0.1, url: "https://github.com/back8/github_aquasecurity_trivy ", }, { title: "trivy", trust: 0.1, url: "https://github.com/simiyo/trivy ", }, { title: "security", trust: 0.1, url: "https://github.com/umahari/security ", }, { title: "", trust: 0.1, url: "https://github.com/Mohzeela/external-secret ", }, { title: "Vulnerability-Scanner-for-Containers", trust: 0.1, url: "https://github.com/t31m0/Vulnerability-Scanner-for-Containers ", }, { title: "trivy", trust: 0.1, url: "https://github.com/aquasecurity/trivy ", }, { title: "trivy", trust: 0.1, url: "https://github.com/knqyf263/trivy ", }, { title: "trivy", trust: 0.1, url: "https://github.com/siddharthraopotukuchi/trivy ", }, ], sources: [ { db: "VULMON", id: "CVE-2019-3823", }, { db: "JVNDB", id: "JVNDB-2019-001681", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-001681", }, { db: "NVD", id: "CVE-2019-3823", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.9, url: "http://www.securityfocus.com/bid/106950", }, { trust: 2.5, url: "https://access.redhat.com/errata/rhsa-2019:3701", }, { trust: 2, url: "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-3823", }, { trust: 2, url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { trust: 2, url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { trust: 2, url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { trust: 1.9, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3823", }, { trust: 1.8, url: "https://security.gentoo.org/glsa/201903-03", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, { trust: 1.5, url: "https://usn.ubuntu.com/3882-1/", }, { trust: 1.4, url: "https://curl.haxx.se/docs/cve-2019-3823.html", }, { trust: 1.4, url: "https://www.debian.org/security/2019/dsa-4386", }, { trust: 1.1, url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3cdevnull.infra.apache.org%3e", }, { trust: 1.1, url: "https://access.redhat.com/security/cve/cve-2019-3822", }, { trust: 1.1, url: "https://access.redhat.com/security/cve/cve-2019-3823", }, { trust: 0.9, url: "http://curl.haxx.se/", }, { trust: 0.9, url: "https://curl.haxx.se/download.html", }, { trust: 0.9, url: "https://github.com/curl/curl/commit/86724581b6c", }, { trust: 0.9, url: "https://github.com/curl/curl/commit/39df4073", }, { trust: 0.9, url: "https://github.com/curl/curl/commit/2766262a68", }, { trust: 0.9, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-099-04", }, { trust: 0.9, url: "https://github.com/curl/curl/commit/50c94842", }, { trust: 0.9, url: "https://curl.haxx.se/docs/cve-2019-3822.html", }, { trust: 0.9, url: "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-3822", }, { trust: 0.9, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", }, { trust: 0.9, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3823", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3cdevnull.infra.apache.org%3e", }, { trust: 0.6, url: "https://www.debian.org/security/2019/dsa-4386third party advisory", }, { trust: 0.6, url: "https://usn.ubuntu.com/3882-1/third party advisory", }, { trust: 0.6, url: "https://curl.haxx.se/docs/cve-2019-3823.htmlpatchvendor advisory", }, { trust: 0.6, url: "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-3823exploitissue trackingthird party advisory", }, { trust: 0.6, url: "http://www.ibm.com/support/docview.wss", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/75218", }, { trust: 0.6, url: "https://www-01.ibm.com/support/docview.wss?uid=ibm10881996", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3700/", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-10", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/152034/gentoo-linux-security-advisory-201903-03.html", }, { trust: 0.6, url: "https://www-01.ibm.com/support/docview.wss?uid=ibm10876554", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0846", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/78194", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3822", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2018-16890", }, { trust: 0.2, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.2, url: "https://bugzilla.redhat.com/):", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2018-16890", }, { trust: 0.2, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20483", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2018-20483", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/125.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://tools.cisco.com/security/center/viewalert.x?alertid=59575", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-14618", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-16842", }, { trust: 0.1, url: "https://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-16840", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-16839", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/curl", }, { trust: 0.1, url: "https://www.debian.org/security/faq", }, { trust: 0.1, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8768", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-20852", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8535", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-10743", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-15718", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20657", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19126", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-1712", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8518", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-12448", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8611", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8203", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-6251", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8676", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-1549", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-9251", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-17451", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-20060", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19519", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11070", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-7150", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-1547", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-7664", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8607", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-12052", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-5482", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-14973", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8623", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-15366", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8594", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8690", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20060", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13752", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8601", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11324", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19925", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-7146", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-1010204", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7013", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11324", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11236", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8524", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2016-10739", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-18751", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-5481", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8536", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8686", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8671", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12447", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8544", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-12049", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8571", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-19519", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-15719", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2013-0169", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8677", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-5436", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-18624", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8595", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13753", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8558", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11459", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11358", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-12447", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8679", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-12795", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-20657", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-5094", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-3844", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-6454", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20852", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-12450", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-14336", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8619", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:4298", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8622", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-1010180", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7598", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8681", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-3825", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8523", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-18074", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0169", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-6237", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-6706", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20337", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8673", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8559", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8687", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-13822", }, { trust: 0.1, url: "https://docs.openshift.com/container-platform/4.6/updating/updating-cluster", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19923", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-16769", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8672", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-11023", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11358", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-14822", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-14404", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8608", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7662", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8615", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-12449", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-7665", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8666", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8457", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-5953", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8689", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-15847", }, { trust: 0.1, url: "https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-14498", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8735", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11236", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19924", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8586", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-12245", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-14404", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8726", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-1010204", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8596", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8696", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8610", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-18408", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13636", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-1563", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11070", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-14498", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-7149", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12450", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-16056", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-10739", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-20337", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-18074", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-11110", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8584", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19959", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8675", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8563", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-10531", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13232", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-3843", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-14040", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-1010180", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12449", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-10715", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8609", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-9283", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8587", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-18751", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8506", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-18624", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-11022", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8583", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-9251", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12448", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-11008", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11459", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-8597", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://access.redhat.com/articles/11258", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/curl/7.47.0-1ubuntu2.12", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/curl/7.61.0-1ubuntu2.3", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.6", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/curl/7.35.0-1ubuntu2.20", }, { trust: 0.1, url: "https://usn.ubuntu.com/usn/usn-3882-1", }, { trust: 0.1, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3822", }, { trust: 0.1, url: "http://slackware.com", }, { trust: 0.1, url: "http://osuosl.org)", }, { trust: 0.1, url: "http://slackware.com/gpg-key", }, { trust: 0.1, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16890", }, ], sources: [ { db: "VULMON", id: "CVE-2019-3823", }, { db: "BID", id: "106950", }, { db: "JVNDB", id: "JVNDB-2019-001681", }, { db: "PACKETSTORM", id: "152034", }, { db: "PACKETSTORM", id: "151568", }, { db: "PACKETSTORM", id: "159727", }, { db: "PACKETSTORM", id: "155162", }, { db: "PACKETSTORM", id: "151566", }, { db: "PACKETSTORM", id: "151569", }, { db: "CNNVD", id: "CNNVD-201902-125", }, { db: "NVD", id: "CVE-2019-3823", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2019-3823", }, { db: "BID", id: "106950", }, { db: "JVNDB", id: "JVNDB-2019-001681", }, { db: "PACKETSTORM", id: "152034", }, { db: "PACKETSTORM", id: "151568", }, { db: "PACKETSTORM", id: "159727", }, { db: "PACKETSTORM", id: "155162", }, { db: "PACKETSTORM", id: "151566", }, { db: "PACKETSTORM", id: "151569", }, { db: "CNNVD", id: "CNNVD-201902-125", }, { db: "NVD", id: "CVE-2019-3823", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-02-06T00:00:00", db: "VULMON", id: "CVE-2019-3823", }, { date: "2019-02-06T00:00:00", db: "BID", id: "106950", }, { date: "2019-03-22T00:00:00", db: "JVNDB", id: "JVNDB-2019-001681", }, { date: "2019-03-11T18:48:31", db: "PACKETSTORM", id: "152034", }, { date: "2019-02-07T16:32:00", db: "PACKETSTORM", id: "151568", }, { date: "2020-10-27T16:59:02", db: "PACKETSTORM", id: "159727", }, { date: "2019-11-06T15:57:33", db: "PACKETSTORM", id: "155162", }, { date: "2019-02-06T22:35:20", db: "PACKETSTORM", id: "151566", }, { date: "2019-02-07T16:32:06", db: "PACKETSTORM", id: "151569", }, { date: "2019-02-06T00:00:00", db: "CNNVD", id: "CNNVD-201902-125", }, { date: "2019-02-06T20:29:00.400000", db: "NVD", id: "CVE-2019-3823", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2019-3823", }, { date: "2019-07-17T06:00:00", db: "BID", id: "106950", }, { date: "2019-03-22T00:00:00", db: "JVNDB", id: "JVNDB-2019-001681", }, { date: "2021-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201902-125", }, { date: "2024-11-21T04:42:37.110000", db: "NVD", id: "CVE-2019-3823", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "151566", }, { db: "CNNVD", id: "CNNVD-201902-125", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "libcurl Vulnerable to out-of-bounds reading", sources: [ { db: "JVNDB", id: "JVNDB-2019-001681", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201902-125", }, ], trust: 0.6, }, }
fkie_cve-2019-3823
Vulnerability from fkie_nvd
Published
2019-02-06 20:29
Modified
2024-11-21 04:42
Severity ?
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| haxx | libcurl | * | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| debian | debian_linux | 9.0 | |
| netapp | clustered_data_ontap | * | |
| oracle | communications_operations_monitor | 3.4 | |
| oracle | communications_operations_monitor | 4.0 | |
| oracle | http_server | 12.2.1.3.0 | |
| oracle | secure_global_desktop | 5.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", matchCriteriaId: "AA479CAB-06B4-450E-B78A-60A623E62863", versionEndExcluding: "7.64.0", versionStartIncluding: "7.34.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", matchCriteriaId: "B0E976A9-6253-4DF5-9370-471D0469B395", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", matchCriteriaId: "D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", matchCriteriaId: "E3517A27-E6EE-497C-9996-F78171BBE90F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", matchCriteriaId: "B5265C91-FF5C-4451-A7C2-D388A65ACFA2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", }, { lang: "es", value: "libcurl, desde la versión 7.34.0 hasta antes de la 7.64.0, es vulnerable a una lectura de memoria dinámica (heap) fuera de límites en el código que maneja el final de la respuesta para SMTP. Si el búfer que se pasa a \"smtp_endofresp()\" no termina en NUL, no contiene caracteres que terminen el número analizado y \"len\" se establece como 5, la llamada \"strtol()\" lee más allá del búfer asignado. Los contenidos de la lectura no se devolverán al llamante.", }, ], id: "CVE-2019-3823", lastModified: "2024-11-21T04:42:37.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-06T20:29:00.400", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106950", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", }, { source: "secalert@redhat.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201903-03", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3882-1/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4386", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3701", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://curl.haxx.se/docs/CVE-2019-3823.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201903-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190315-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3882-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4386", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.