CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0CVE-2016-7167 – curl: escape and unescape integer overflows
https://notcve.org/view.php?id=CVE-2016-7167
16 Sep 2016 — Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow. Múltiples desbordamientos de entero en las funciones (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape y (4) curl_easy_unescape en libcurl en versiones anteriores a 7.50.3 permiten a atacantes tener impacto no especificado a tra... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2016-5419 – curl: TLS session resumption client cert bypass
https://notcve.org/view.php?id=CVE-2016-5419
03 Aug 2016 — curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session. curl y libcurl en versiones anteriores a 7.50.1 no previene la reanudación de sesión TLS cuando el certificado del cliente ha cambiado, lo que permite a atacantes remotos eludir restricciones previstas reanudando sesión. It was found that the libcurl library did not prevent TLS session resumption when the client cer... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00011.html • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5420 – curl: Re-using connection with wrong client cert
https://notcve.org/view.php?id=CVE-2016-5420
03 Aug 2016 — curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. curl y libcurl en versiones anteriores a 7.50.1 no verifica el certificado de cliente cuando se está escogiendo la conexión TLS para reutilizar, lo que podría permitir a atacantes remotos secuestrar la autenticación de la conexión aprove... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00011.html • CWE-285: Improper Authorization CWE-295: Improper Certificate Validation •
CVSS: 8.1EPSS: 2%CPEs: 9EXPL: 0CVE-2016-5421 – curl: Use of connection struct after free
https://notcve.org/view.php?id=CVE-2016-5421
03 Aug 2016 — Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación de memoria en libcurl en versiones anteriores a 7.50.1 permite a atacantes controlar qué conexión es usada o posiblemente tener otros impactos no especificados a través de vectores desconocidos. A use-after-free flaw was found in libcurl. When invoking curl_easy_perform() after cleaning up a multi... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00011.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 4%CPEs: 12EXPL: 0CVE-2015-3153 – Debian Security Advisory 3240-1
https://notcve.org/view.php?id=CVE-2015-3153
30 Apr 2015 — The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents. La configuración por defecto para cURL y libcurl anterior a 7.42.1 envía cabeceras HTTP personalizadas tanto al servidor proxy como al de destinación, lo que podría permitir a servidores proxy remotos obtener información sensible mediante la lectura de los contenidos de cabeceras... • http://curl.haxx.se/docs/adv_20150429.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 70%CPEs: 41EXPL: 1CVE-2015-3145 – Gentoo Linux Security Advisory 201509-02
https://notcve.org/view.php?id=CVE-2015-3145
22 Apr 2015 — The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character. La función sanitize_cookie_path en cURL y libcurl 7.31.0 hasta 7.41.0 no calcula correctamente un indice, lo que permite a atacantes remotos causar una denegación de servicio (escritura fuera de rango y ca... • https://github.com/serz999/CVE-2015-3145 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 159EXPL: 0CVE-2015-3148 – curl: Negotiate not treated as connection-oriented
https://notcve.org/view.php?id=CVE-2015-3148
22 Apr 2015 — cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. cURL y libcurl 7.10.6 hasta la versión 7.41.0 no reutiliza adecuadamente la conexiones Negotiate autenticadas, lo que permite a atacantes remotos conectarse como otros usuarios a través de una solicitud. It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application... • http://advisories.mageia.org/MGASA-2015-0179.html • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 1%CPEs: 19EXPL: 0CVE-2015-3144 – Gentoo Linux Security Advisory 201509-02
https://notcve.org/view.php?id=CVE-2015-3144
22 Apr 2015 — The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80." La función fix_hostname en cURL y libcurl 7.37.0 hasta 7.41.0 no calcula correctamente un indice, lo que permite a atacantes remotos causar una denegación de servicio (lectura o escritura fuera... • http://curl.haxx.se/docs/adv_20150422D.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 4%CPEs: 155EXPL: 0CVE-2015-3143 – curl: re-using authenticated connection when unauthenticated
https://notcve.org/view.php?id=CVE-2015-3143
22 Apr 2015 — cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL y libcurl 7.10.6 hasta 7.41.0 no reutilizan correctamente las conexiones NTLM, lo que permite a atacantes remotos conectar como otros usuarios a través de una solicitud no autenticada, un problema similar a CVE-2014-0015. It was discovered that libcurl could incorrectly reuse NTLM-authenticated connect... • http://advisories.mageia.org/MGASA-2015-0179.html • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVSS: 7.3EPSS: 1%CPEs: 11EXPL: 0CVE-2014-8151 – Gentoo Linux Security Advisory 201701-47
https://notcve.org/view.php?id=CVE-2014-8151
15 Jan 2015 — The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. La función darwinssl_connect_step1 en lib/vtls/curl_darwinssl.c en libcurl 7.31.0 hasta 7.39.0, cuando utiliza el backend DarwinSSL (también conocido como SecureTransport)... • http://curl.haxx.se/docs/adv_20150108A.html •