ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0099
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0099)
Resumen:	The remote host is missing an update for the 'curl' package(s) announced via the MGASA-2024-0099 advisory.
Descripción:	Summary: The remote host is missing an update for the 'curl' package(s) announced via the MGASA-2024-0099 advisory. Vulnerability Insight: CVE-2024-2004: Usage of disabled protocol If all protocols are disabled at run-time with none being added, curl/libcurl would still allow communication with the default set of allowed protocols, including some that are unencrypted. CVE-2024-2398: HTTP/2 push headers memory-leak A memory leak could occur when an application enabled HTTP/2 server push and the server sent a large number of headers. Affected Software/OS: 'curl' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-2004 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/ issue https://hackerone.com/reports/2384833 json https://curl.se/docs/CVE-2024-2004.json www https://curl.se/docs/CVE-2024-2004.html http://www.openwall.com/lists/oss-security/2024/03/27/1 Common Vulnerability Exposure (CVE) ID: CVE-2024-2379 https://hackerone.com/reports/2410774 https://curl.se/docs/CVE-2024-2379.json https://curl.se/docs/CVE-2024-2379.html http://www.openwall.com/lists/oss-security/2024/03/27/2 Common Vulnerability Exposure (CVE) ID: CVE-2024-2398 https://hackerone.com/reports/2402845 https://curl.se/docs/CVE-2024-2398.json https://curl.se/docs/CVE-2024-2398.html http://www.openwall.com/lists/oss-security/2024/03/27/3 Common Vulnerability Exposure (CVE) ID: CVE-2024-2466 https://hackerone.com/reports/2416725 https://curl.se/docs/CVE-2024-2466.json https://curl.se/docs/CVE-2024-2466.html http://www.openwall.com/lists/oss-security/2024/03/27/4
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.