QID 902387

Date Published: 2022-07-04

QID 902387: Common Base Linux Mariner (CBL-Mariner) Security Update for curl (9909-1)

CBL-Mariner 2.0 is an internal Linux distribution for cloud infrastructure and edge products and services of Microsoft.
CBL-Mariner has released a security update for curl to fix the vulnerabilities.

Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 5 severity.
  • Solution

    CBL-Mariner has issued updated packages to fix this vulnerability. For more information about the vulnerability and obtaining patches, refer to the following CBL-Mariner 2.0 security advisories:https://github.com/microsoft/CBL-Mariner/tree/2.0

    Vendor References

    CVEs related to QID 902387

    Software Advisories
    Advisory ID Software Component Link
    9909-1 CBL-Mariner Linux 2\\.0 URL Logo github.com/microsoft/CBL-Mariner/tree/2.0