curl (SUSE:OpenStack Cloud 5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 5 package curl, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2016-5419 — CVSS 7.5 (high): curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers…
CVE-2016-5420 — CVSS 7.5 (high): curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote…
CVE-2016-7141 — CVSS 7.5 (high): curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack…