Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Universal_forwarder
(Splunk)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 61 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-01 | CVE-2021-22876 | curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request. | Fabric_operating_system, Debian_linux, Fedora, Libcurl, Hci_compute_node, Hci_management_node, Hci_storage_node, Solidfire, Communications_billing_and_revenue_management, Essbase, Sinec_infrastructure_network_services, Universal_forwarder | 5.3 | ||
| 2021-04-01 | CVE-2021-22890 | curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby... | Fabric_operating_system, Debian_linux, Fedora, Libcurl, Hci_management_node, Hci_storage_node, Solidfire, Communications_billing_and_revenue_management, Essbase, Sinec_infrastructure_network_services, Universal_forwarder | 3.7 | ||
| 2021-09-23 | CVE-2021-22945 | When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*. | Macos, Debian_linux, Fedora, Libcurl, Cloud_backup, Clustered_data_ontap, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_baseboard_management_controller_firmware, Mysql_server, Sinec_ins, Universal_forwarder | 9.1 | ||
| 2021-08-05 | CVE-2021-22924 | libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the... | Debian_linux, Fedora, Libcurl, Cloud_backup, Clustered_data_ontap, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware, Mysql_server, Peoplesoft_enterprise_peopletools, Logo\!_cmr2020_firmware, Logo\!_cmr2040_firmware, Ruggedcomrm_1224_lte_firmware, Scalance_m804pb_firmware, Scalance_m812\-1_firmware, Scalance_m816\-1_firmware, Scalance_m826\-2_firmware, Scalance_m874\-2_firmware, Scalance_m874\-3_firmware, Scalance_m876\-3_firmware, Scalance_m876\-4_firmware, Scalance_mum856\-1_firmware, Scalance_s615_firmware, Simatic_cp_1543\-1_firmware, Simatic_cp_1545\-1_firmware, Simatic_rtu3010c_firmware, Simatic_rtu3030c_firmware, Simatic_rtu3031c_firmware, Simatic_rtu_3041c_firmware, Sinec_infrastructure_network_services, Sinema_remote_connect, Sinema_remote_connect_server, Siplus_net_cp_1543\-1_firmware, Universal_forwarder | 3.7 | ||
| 2023-03-30 | CVE-2023-27535 | An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too... | Debian_linux, Fedora, Libcurl, Active_iq_unified_manager, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_9, Universal_forwarder | 5.9 | ||
| 2023-03-30 | CVE-2023-27538 | An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. | Brocade_fabric_operating_system_firmware, Debian_linux, Fedora, Libcurl, Active_iq_unified_manager, Clustered_data_ontap, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Universal_forwarder | 5.5 | ||
| 2022-10-29 | CVE-2022-42915 | curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling,... | Macos, Fedora, Curl, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_9, Universal_forwarder | 8.1 | ||
| 2021-08-03 | CVE-2021-30560 | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Universal_forwarder, Libxslt | 8.8 | ||
| 2022-07-07 | CVE-2022-32205 | A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are... | Macos, Debian_linux, Fedora, Curl, Clustered_data_ontap, Element_software, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Solidfire, Scalance_sc622\-2c_firmware, Scalance_sc626\-2c_firmware, Scalance_sc632\-2c_firmware, Scalance_sc636\-2c_firmware, Scalance_sc642\-2c_firmware, Scalance_sc646\-2c_firmware, Universal_forwarder | 4.3 | ||
| 2022-07-07 | CVE-2022-32206 | curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand... | Debian_linux, Fedora, Curl, Bootstrap_os, Clustered_data_ontap, Element_software, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Solidfire, Scalance_sc622\-2c_firmware, Scalance_sc626\-2c_firmware, Scalance_sc632\-2c_firmware, Scalance_sc636\-2c_firmware, Scalance_sc642\-2c_firmware, Scalance_sc646\-2c_firmware, Universal_forwarder | 6.5 |