CVSS: 7.3EPSS: 0%CPEs: 17EXPL: 0CVE-2014-3620 – Mandriva Linux Security Advisory 2014-187
https://notcve.org/view.php?id=CVE-2014-3620
11 Sep 2014 — cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain. cURL y libcurl anteriores a 7.38.0 permite a atacantes remotos evadir Same Origin Policy y configurar cookies para sitios arbitrarios mediante la configuración de una cookie de un dominio de nivel superior. Paras Sethia discovered that libcurl would sometimes mix up multiple HTTP and HTTPS connections with NTLM authentication to the same serve... • http://curl.haxx.se/docs/adv_20140910B.html • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2014-3613 – curl: incorrect handling of IP addresses in cookie domain
https://notcve.org/view.php?id=CVE-2014-3613
11 Sep 2014 — cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1. cURL y libcurl anteriores a 7.38.0 no manejan correctamente las direcciones IP en nombres de dominio de cookies, lo que permite a atacantes remotos usar cookies definidas por ellos mismos o enviar cookies arbitrarias a ciertos sitios, como or... • http://curl.haxx.se/docs/adv_20140910A.html • CWE-284: Improper Access Control CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 7%CPEs: 169EXPL: 1CVE-2013-2174 – curl: Loop counter error, leading to heap-based buffer overflow when decoding certain URLs
https://notcve.org/view.php?id=CVE-2013-2174
24 Jun 2013 — Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character. Desbordamiento de búfer basado en memoria dinámica en la función curl_easy_unescape en lib/escape.c en cURL y libcurl 7.7 a la 7.30.0, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posibl... • http://curl.haxx.se/docs/adv_20130622.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 1%CPEs: 131EXPL: 0CVE-2013-1944 – curl: Cookie domain suffix match vulnerability
https://notcve.org/view.php?id=CVE-2013-1944
29 Apr 2013 — The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. La función tailMatch en cookie.c en cURL y libcurl antes de v7.30.0 no comprueba correctamente la ruta del dominio al enviar las cookies, lo que permite robar las cookies a atacantes remotos a través de un sufijo coincidente en el dominio de una URL. Multiple vulnerabilities have been fo... • http://curl.haxx.se/docs/adv_20130412.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 80EXPL: 2CVE-2009-0037 – cURL/libcURL 7.19.3 - HTTP 'Location:' Redirect Security Bypass
https://notcve.org/view.php?id=CVE-2009-0037
05 Mar 2009 — The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL. La implementación de redirección en curl y libcurl v5.11 hasta v7.19.3, cuando CURLOPT_FOLLOWLOCATION esta activado, acepta valores de locali... • https://www.exploit-db.com/exploits/32834 • CWE-352: Cross-Site Request Forgery (CSRF) •