CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2014-3613 – curl: incorrect handling of IP addresses in cookie domain
https://notcve.org/view.php?id=CVE-2014-3613
11 Sep 2014 — cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1. cURL y libcurl anteriores a 7.38.0 no manejan correctamente las direcciones IP en nombres de dominio de cookies, lo que permite a atacantes remotos usar cookies definidas por ellos mismos o enviar cookies arbitrarias a ciertos sitios, como or... • http://curl.haxx.se/docs/adv_20140910A.html • CWE-284: Improper Access Control CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 0%CPEs: 131EXPL: 0CVE-2014-0138 – curl: wrong re-use of connections in libcurl
https://notcve.org/view.php?id=CVE-2014-0138
29 Mar 2014 — The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015. La configuración por defecto en cURL y libcurl 7.10.6 anterior a 7.36.0 re-utiliza conexiones (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP y (10) LDAP... • http://curl.haxx.se/docs/adv_20140326A.html • CWE-287: Improper Authentication •
CVSS: 5.9EPSS: 0%CPEs: 22EXPL: 0CVE-2014-2522 – Slackware Security Advisory - curl Updates
https://notcve.org/view.php?id=CVE-2014-2522
29 Mar 2014 — curl and libcurl 7.27.0 through 7.35.0, when running on Windows and using the SChannel/Winssl TLS backend, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate. curl y libcurl versiones 7.27.0 hasta 7.35.0, cuando se ejecuta en Windows y utiliza el backend TLS SChannel/W... • http://curl.haxx.se/docs/adv_20140326D.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 130EXPL: 0CVE-2014-0139 – Gentoo Linux Security Advisory 201406-21
https://notcve.org/view.php?id=CVE-2014-0139
29 Mar 2014 — cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. cURL y libcurl 7.1 anterior a 7.36.0, cuando utilizando las librerías OpenSSL, axtls, gsossl o gskit para TLS, reconoce una dirección IP comodín (wildcard) en el ... • http://advisories.mageia.org/MGASA-2015-0165.html • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 0%CPEs: 128EXPL: 0CVE-2014-0015 – curl: re-use of wrong HTTP NTLM connection in libcurl
https://notcve.org/view.php?id=CVE-2014-0015
31 Jan 2014 — cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request. cURL y libcurl 7.10.6 hasta 7.34.0, cuando más de un método de autenticación está habilitado, reutiliza conexiones NTLM, lo que podría permitir a atacantes dependientes de contexto autenticarse como otros usuarios a través de una solicitud. Paras Sethia discovered that libcurl would sometimes mix up ... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 68EXPL: 0CVE-2013-4545 – Mandriva Linux Security Advisory 2013-276
https://notcve.org/view.php?id=CVE-2013-4545
18 Nov 2013 — cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. cURL y libcurl 7.18.0 hasta la versión 7.32.0, cuando es compilado con OpenSSL, desactiva la verificación del nombre de campos del certificado CN y SAN (CURLOPT_SSL_VERIFYHOST) cuando la... • http://curl.haxx.se/docs/adv_20131115.html • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 7%CPEs: 169EXPL: 1CVE-2013-2174 – curl: Loop counter error, leading to heap-based buffer overflow when decoding certain URLs
https://notcve.org/view.php?id=CVE-2013-2174
24 Jun 2013 — Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character. Desbordamiento de búfer basado en memoria dinámica en la función curl_easy_unescape en lib/escape.c en cURL y libcurl 7.7 a la 7.30.0, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posibl... • http://curl.haxx.se/docs/adv_20130622.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 1%CPEs: 131EXPL: 0CVE-2013-1944 – curl: Cookie domain suffix match vulnerability
https://notcve.org/view.php?id=CVE-2013-1944
29 Apr 2013 — The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. La función tailMatch en cookie.c en cURL y libcurl antes de v7.30.0 no comprueba correctamente la ruta del dominio al enviar las cookies, lo que permite robar las cookies a atacantes remotos a través de un sufijo coincidente en el dominio de una URL. Multiple vulnerabilities have been fo... • http://curl.haxx.se/docs/adv_20130412.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 89%CPEs: 9EXPL: 2CVE-2013-0249 – cURL - Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2013-0249
08 Mar 2013 — Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message. Desbordamiento de búfer basado en pila en la función de curl_sasl_create_digest_md5_message de libcurl en lib/curl_sasl.c v7.26.0 hasta v7... • https://www.exploit-db.com/exploits/24487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2012-0036
https://notcve.org/view.php?id=CVE-2012-0036
13 Apr 2012 — curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol. curl y libcurl v7.2x anteriores v7.24.0 no consideran de forma adecuada los caracteres especiales cuando extraen una ruta de un fichero de una URL, lo que permite a atacantes remotos realizar ataques de injección ... • http://curl.haxx.se/curl-url-sanitize.patch • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •