Upgrade RHEL:8 python3-twisted to version 0:16.4.1-20.el8ost or higher. This issue was patched in RHSA-2022:1646 .

libcurl-minimal vulnerabilities

Known vulnerabilities in the libcurl-minimal package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Use After Free	<0:7.87.0-2.amzn2022.0.1
M Cleartext Transmission of Sensitive Information	<0:7.87.0-2.amzn2022.0.1
M Double Free	<0:7.86.0-1.amzn2022.0.1
M Cleartext Transmission of Sensitive Information	<0:7.86.0-1.amzn2022.0.1
M Stack-based Buffer Overflow	<0:7.86.0-1.amzn2022.0.1
M Expected Behavior Violation	<0:7.86.0-1.amzn2022.0.1
M Cleartext Transmission of Sensitive Information	<0:7.85.0-1.amzn2022.0.1
M Inappropriate Encoding for Output Context	<0:7.85.0-1.amzn2022.0.1
M Improper Certificate Validation	<0:7.85.0-1.amzn2022.0.1
M Insufficiently Protected Credentials	<0:7.85.0-1.amzn2022.0.1
M Information Exposure	<0:7.85.0-1.amzn2022.0.1
M Insufficiently Protected Credentials	<0:7.85.0-1.amzn2022.0.1
M Information Exposure	<0:7.85.0-1.amzn2022.0.1
M Improper Authentication	<0:7.85.0-1.amzn2022.0.1
M Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<0:7.85.0-1.amzn2022.0.1
M Improper Validation of Syntactic Correctness of Input	<0:7.85.0-1.amzn2022.0.1
M Improper Preservation of Permissions	<0:7.85.0-1.amzn2022.0.1
M Allocation of Resources Without Limits or Throttling	<0:7.85.0-1.amzn2022.0.1
M Allocation of Resources Without Limits or Throttling	<0:7.85.0-1.amzn2022.0.1
M Improper Validation of Syntactic Correctness of Input	<0:7.85.0-1.amzn2022
M Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<0:7.85.0-1.amzn2022
M Allocation of Resources Without Limits or Throttling	<0:7.85.0-1.amzn2022
M Improper Preservation of Permissions	<0:7.85.0-1.amzn2022
M Allocation of Resources Without Limits or Throttling	<0:7.85.0-1.amzn2022
M Insufficiently Protected Credentials	<0:7.79.1-2.amzn2022
M Information Exposure	<0:7.79.1-2.amzn2022
M Insufficiently Protected Credentials	<0:7.79.1-2.amzn2022
M Improper Authentication	<0:7.79.1-2.amzn2022
M Improper Certificate Validation	<0:7.82.0-5.amzn2022
M Inappropriate Encoding for Output Context	<0:7.82.0-5.amzn2022
M Information Exposure	<0:7.82.0-5.amzn2022
M Insufficiently Protected Credentials	<0:7.82.0-5.amzn2022
M Insufficiently Protected Credentials	<0:7.82.0-5.amzn2022
M Improper Authentication	<0:7.82.0-5.amzn2022
M Information Exposure	<0:7.82.0-5.amzn2022
M Cleartext Transmission of Sensitive Information	<0:7.82.0-5.amzn2022

Vulnerability

Vulnerable Version

Use After Free

<0:7.87.0-2.amzn2022.0.1

Cleartext Transmission of Sensitive Information

<0:7.87.0-2.amzn2022.0.1

Double Free

<0:7.86.0-1.amzn2022.0.1

Cleartext Transmission of Sensitive Information

<0:7.86.0-1.amzn2022.0.1

Stack-based Buffer Overflow

<0:7.86.0-1.amzn2022.0.1