Lucene search

K
cvelistRedhatCVELIST:CVE-2014-3707
HistoryNov 15, 2014 - 8:00 p.m.

CVE-2014-3707

2014-11-1520:00:00
redhat
www.cve.org
7

AI Score

7.7

Confidence

High

EPSS

0.003

Percentile

69.5%

The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.