CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0CVE-2016-9586 – curl: printf floating point buffer overflow
https://notcve.org/view.php?id=CVE-2016-9586
20 Jan 2017 — curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. curl, en versiones anteriores a la 7.52.0, es vulnerable a un desbordamiento de búfer cuando se realiza un envío de un gran puntero flotante en la implementación de libcurl de la función printf(). Si hay aplicacio... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9594 – Gentoo Linux Security Advisory 201701-47
https://notcve.org/view.php?id=CVE-2016-9594
20 Jan 2017 — curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable. curl, en versiones anteriores a la 7.52.1, es vulnerable a un valor aleatorio no inicializado en la función interna de libcurl que devuelve un valor aleatorio bueno de 32 bits. Tener un valor aleatorio débil o virtualmente inexistente hace que las operaciones que lo usan sea... • http://www.securityfocus.com/bid/95094 • CWE-665: Improper Initialization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8625 – curl: IDNA 2003 makes curl use wrong host
https://notcve.org/view.php?id=CVE-2016-8625
14 Dec 2016 — curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host. curl en versiones anteriores a la 7.51.0 emplea el estándar IDNA 2003 obsoleto para gestionar nombres de dominio internacionales, lo que podría hacer que los usuarios envíen peticiones de transferencia de red al host erróneo sin darse cuenta. The Apache HTTP Server is a powerful, efficient, and extensible we... • http://www.securityfocus.com/bid/94107 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8620 – curl: Glob parser write/read out of bounds
https://notcve.org/view.php?id=CVE-2016-8620
04 Nov 2016 — The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. La funcionalidad de "globbing" en curl en versiones anteriores a la 7.51.0 tiene un error que conduce a un desbordamiento de enteros y a una lectura fuera de límites mediante entradas controladas por el usuario. It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authe... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8615 – curl: Cookie injection for other servers
https://notcve.org/view.php?id=CVE-2016-8615
04 Nov 2016 — A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. Se ha descubierto un problema en versiones anteriores a la 7.51 de curl. Si se escribe el estado de la cookie en un archivo jar de cookie que, posteriormente, será leído y empleado para futuras peticiones, un servidor HTTP malicioso puede inyectar nuevas cookies para... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') CWE-254: 7PK - Security Features •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8623 – curl: Use-after-free via shared cookies
https://notcve.org/view.php?id=CVE-2016-8623
04 Nov 2016 — A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure. Se ha descubierto un problema en versiones anteriores a la 7.51.0 de curl. La forma en la que curl gestiona las cookies permite que otros hilos desencadenen un uso de memoria previamente liberada que conduce a una divulgación de información. It was discovered that curl incorrectly reused client certificates when built with NSS. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8621 – curl: curl_getdate out-of-bounds read
https://notcve.org/view.php?id=CVE-2016-8621
04 Nov 2016 — The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short. La función "curl_getdate" en curl en versiones anteriores a la 7.51.0 es vulnerable a una lectura fuera de límites si recibe una entrada a la que le falta un dígito. It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. Nguyen Vu Hoang d... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8617 – curl: Out-of-bounds write via unchecked multiplication
https://notcve.org/view.php?id=CVE-2016-8617
04 Nov 2016 — The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`. La función de cifrado en base64 de curl en versiones anteriores a la 7.51.0 es propenso a que se subasigne un búfer en sistemas de 32 bits si recibe, al menos, 1Gb como entrada mediante "CURLOPT_USERNAME". It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use thi... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8616 – curl: Case insensitive password comparison
https://notcve.org/view.php?id=CVE-2016-8616
04 Nov 2016 — A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version of the correct password. Se ha descubierto un problema en versiones anteriores a la 7.51.0 de curl. Al reutilizar un... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-255: Credentials Management Errors CWE-287: Improper Authentication CWE-592: DEPRECATED: Authentication Bypass Issues •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-8619 – curl: Double-free in krb5 code
https://notcve.org/view.php?id=CVE-2016-8619
04 Nov 2016 — The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. La función "read_data()" en security.c en curl en versiones anteriores a la 7.51.0 es vulnerable a una doble liberación (double free) de memoria. It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. Nguyen Vu Hoang discovered that curl incorrectly handled escaping certai... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-415: Double Free CWE-416: Use After Free •