Search CVE reports
331 – 340 of 34898 results
Using libcurl, when a custom `Host:` header is first set for a HTTP request and a second request is subsequently done using the same *easy handle* but without the custom `Host:` header set, the second request would use...
1 affected package
curl
| Package | 24.04 LTS |
|---|---|
| curl | Fixed |
curl might erroneously pass on credentials for a first proxy to a second proxy.
1 affected package
curl
| Package | 24.04 LTS |
|---|---|
| curl | Fixed |
libcurl might in some circumstances reuse the wrong connection for SMB(S) transfers.
1 affected package
curl
| Package | 24.04 LTS |
|---|---|
| curl | Fixed |
libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTP(S) request after a Negotiate-authenticated one, when both use the same host.
1 affected package
curl
| Package | 24.04 LTS |
|---|---|
| curl | Fixed |
A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text (via IMAP, SMTP, or POP3), a subsequent...
1 affected package
curl
| Package | 24.04 LTS |
|---|---|
| curl | Fixed |
Possible OOB read/write with SPA authenticator
1 affected package
exim4
| Package | 24.04 LTS |
|---|---|
| exim4 | Fixed |
Possible OOB read with large UTF8 trailing characters
1 affected package
exim4
| Package | 24.04 LTS |
|---|---|
| exim4 | Fixed |
Possible OOB read/write on corrupt JSON in header
1 affected package
exim4
| Package | 24.04 LTS |
|---|---|
| exim4 | Fixed |
Possible crash with malicious DNS data when using musl libc
1 affected package
exim4
| Package | 24.04 LTS |
|---|---|
| exim4 | Not affected |
(Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to ...)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |