CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8625 – curl: IDNA 2003 makes curl use wrong host
https://notcve.org/view.php?id=CVE-2016-8625
14 Dec 2016 — curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host. curl en versiones anteriores a la 7.51.0 emplea el estándar IDNA 2003 obsoleto para gestionar nombres de dominio internacionales, lo que podría hacer que los usuarios envíen peticiones de transferencia de red al host erróneo sin darse cuenta. The Apache HTTP Server is a powerful, efficient, and extensible we... • http://www.securityfocus.com/bid/94107 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8620 – curl: Glob parser write/read out of bounds
https://notcve.org/view.php?id=CVE-2016-8620
04 Nov 2016 — The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. La funcionalidad de "globbing" en curl en versiones anteriores a la 7.51.0 tiene un error que conduce a un desbordamiento de enteros y a una lectura fuera de límites mediante entradas controladas por el usuario. It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authe... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8615 – curl: Cookie injection for other servers
https://notcve.org/view.php?id=CVE-2016-8615
04 Nov 2016 — A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. Se ha descubierto un problema en versiones anteriores a la 7.51 de curl. Si se escribe el estado de la cookie en un archivo jar de cookie que, posteriormente, será leído y empleado para futuras peticiones, un servidor HTTP malicioso puede inyectar nuevas cookies para... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') CWE-254: 7PK - Security Features •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8623 – curl: Use-after-free via shared cookies
https://notcve.org/view.php?id=CVE-2016-8623
04 Nov 2016 — A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure. Se ha descubierto un problema en versiones anteriores a la 7.51.0 de curl. La forma en la que curl gestiona las cookies permite que otros hilos desencadenen un uso de memoria previamente liberada que conduce a una divulgación de información. It was discovered that curl incorrectly reused client certificates when built with NSS. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8621 – curl: curl_getdate out-of-bounds read
https://notcve.org/view.php?id=CVE-2016-8621
04 Nov 2016 — The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short. La función "curl_getdate" en curl en versiones anteriores a la 7.51.0 es vulnerable a una lectura fuera de límites si recibe una entrada a la que le falta un dígito. It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. Nguyen Vu Hoang d... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8617 – curl: Out-of-bounds write via unchecked multiplication
https://notcve.org/view.php?id=CVE-2016-8617
04 Nov 2016 — The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`. La función de cifrado en base64 de curl en versiones anteriores a la 7.51.0 es propenso a que se subasigne un búfer en sistemas de 32 bits si recibe, al menos, 1Gb como entrada mediante "CURLOPT_USERNAME". It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use thi... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8616 – curl: Case insensitive password comparison
https://notcve.org/view.php?id=CVE-2016-8616
04 Nov 2016 — A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version of the correct password. Se ha descubierto un problema en versiones anteriores a la 7.51.0 de curl. Al reutilizar un... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-255: Credentials Management Errors CWE-287: Improper Authentication CWE-592: DEPRECATED: Authentication Bypass Issues •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-8619 – curl: Double-free in krb5 code
https://notcve.org/view.php?id=CVE-2016-8619
04 Nov 2016 — The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. La función "read_data()" en security.c en curl en versiones anteriores a la 7.51.0 es vulnerable a una doble liberación (double free) de memoria. It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. Nguyen Vu Hoang discovered that curl incorrectly handled escaping certai... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8618 – curl: Double-free in curl_maprintf
https://notcve.org/view.php?id=CVE-2016-8618
04 Nov 2016 — The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. La función API de libcurl llamada "curl_maprintf()" en versiones anteriores a la 7.51.0 puede ser engañada para realizar una doble liberación (double free) debido a una multiplicación "size_t" insegura en sistemas que utilizan variables "size_t" de 32 bits. It was discovered that curl incorrectly reused client ce... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8624 – curl: Invalid URL parsing with '#'
https://notcve.org/view.php?id=CVE-2016-8624
04 Nov 2016 — curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use an URL parser that follows the RFC to check for allowed domains before using curl to request them. curl en versiones anteriores a la 7.51.0 no analiza el componente authority de la URL correctamente cuando el nombre del host termina con un carácter "... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-20: Improper Input Validation •