Merge pull request #75 from pascaliske/renovate/standard-changelog-6.x #153
pascaliskeAnnotations
10 errors, 12 warnings, and 4 notices
|
Scan
CVE-2022-32221 - CRITICAL severity - curl: POST following PUT confusion vulnerability in curl
|
|
Scan
CVE-2023-23914 - CRITICAL severity - curl: HSTS ignored on multiple requests vulnerability in curl
|
|
Scan
CVE-2023-38545 - CRITICAL severity - curl: heap based buffer overflow in the SOCKS5 proxy handshake vulnerability in curl
|
|
Scan
CVE-2022-42915 - HIGH severity - curl: HTTP proxy double-free vulnerability in curl
|
|
Scan
CVE-2022-42916 - HIGH severity - curl: HSTS bypass via IDN vulnerability in curl
|
|
Scan
CVE-2022-43551 - HIGH severity - curl: HSTS bypass via IDN vulnerability in curl
|
|
Scan
CVE-2023-27533 - HIGH severity - curl: TELNET option IAC injection vulnerability in curl
|
|
Scan
CVE-2023-27534 - HIGH severity - curl: SFTP path ~ resolving discrepancy vulnerability in curl
|
|
Scan
CVE-2023-28319 - HIGH severity - curl: use after free in SSH sha256 fingerprint check vulnerability in curl
|
|
Scan
CVE-2023-38039 - HIGH severity - curl: out of heap memory issue due to missing limit on header quantity vulnerability in curl
|
|
Scan
CVE-2023-28322 - LOW severity - curl: more POST-after-PUT confusion vulnerability in curl
|
|
Scan
CVE-2023-38546 - LOW severity - curl: cookie injection with none file vulnerability in curl
|
|
Scan
CVE-2023-28322 - LOW severity - curl: more POST-after-PUT confusion vulnerability in libcurl
|
|
Scan
CVE-2023-38546 - LOW severity - curl: cookie injection with none file vulnerability in libcurl
|
|
Scan
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
Scan
CVE-2022-43552 - MEDIUM severity - curl: Use-after-free triggered by an HTTP proxy deny response vulnerability in curl
|
|
Scan
CVE-2023-23915 - MEDIUM severity - curl: HSTS amnesia with --parallel vulnerability in curl
|
|
Scan
CVE-2023-23916 - MEDIUM severity - curl: HTTP multi-header compression denial of service vulnerability in curl
|
|
Scan
CVE-2023-27535 - MEDIUM severity - curl: FTP too eager connection reuse vulnerability in curl
|
|
Scan
CVE-2023-27536 - MEDIUM severity - curl: GSS delegation too eager connection re-use vulnerability in curl
|
|
Scan
CVE-2023-27537 - MEDIUM severity - curl: HSTS double-free vulnerability in curl
|
|
Scan
CVE-2023-27538 - MEDIUM severity - curl: SSH connection too eager reuse still vulnerability in curl
|
|
Scan
CVE-2023-28320 - MEDIUM severity - curl: siglongjmp race condition may lead to crash vulnerability in curl
|
|
Scan
CVE-2023-28321 - MEDIUM severity - curl: IDN wildcard match may lead to Improper Cerificate Validation vulnerability in curl
|
|
Scan
CVE-2023-46218 - MEDIUM severity - curl: information disclosure by exploiting a mixed case flaw vulnerability in curl
|
|
Build
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|