VYPR

rpm package

suse/curl&distro=SUSE Linux Enterprise Server 12 SP1

pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1

Vulnerabilities (18)

  • CVE-2016-8623Aug 1, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.

  • CVE-2016-8620Aug 1, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input.

  • CVE-2016-8619Aug 1, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free.

  • CVE-2016-8616Aug 1, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connectio

  • CVE-2016-8615Aug 1, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar.

  • CVE-2016-8621Jul 31, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short.

  • CVE-2016-8617Jul 31, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`.

  • CVE-2016-8624Jul 31, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use an URL parser that

  • CVE-2016-8622Jul 31, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus th

  • CVE-2016-8618Jul 31, 2018
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.

  • CVE-2016-9586Apr 23, 2018
    affected < 7.37.0-36.1fixed 7.37.0-36.1

    curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could all

  • CVE-2017-7407LowApr 3, 2017
    affected < 7.37.0-36.1fixed 7.37.0-36.1

    The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character,

  • CVE-2016-7167CriOct 7, 2016
    affected < 7.37.0-31.1fixed 7.37.0-31.1

    Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow.

  • CVE-2016-7141HigOct 3, 2016
    affected < 7.37.0-28.1fixed 7.37.0-28.1

    curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no

  • CVE-2016-5421HigAug 10, 2016
    affected < 7.37.0-28.1fixed 7.37.0-28.1

    Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

  • CVE-2016-5420HigAug 10, 2016
    affected < 7.37.0-28.1fixed 7.37.0-28.1

    curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.

  • CVE-2016-5419HigAug 10, 2016
    affected < 7.37.0-28.1fixed 7.37.0-28.1

    curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session.

  • CVE-2016-0755HigJan 29, 2016
    affected < 7.37.0-18.1fixed 7.37.0-18.1

    The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.