Lucene search
DebianDEBIAN:DLA-64-1:CEBAFHistorySep 26, 2014 - 9:36 p.m.
[SECURITY] [DLA 64-1] curl security update
2014-09-2621:36:05
lists.debian.org
14
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.4%
Package : curl
Version : 7.21.0-2.1+squeeze9
CVE ID : CVE-2014-3613
CVE-2014-3613
By not detecting and rejecting domain names for partial literal IP
addresses properly when parsing received HTTP cookies, libcurl can
be fooled to both sending cookies to wrong sites and into allowing
arbitrary sites to set cookies for others.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | s390 | curl | < 7.26.0-1+wheezy10 | curl_7.26.0-1+wheezy10_s390.deb |
| Debian | 7 | s390x | libcurl4-gnutls-dev | < 7.26.0-1+wheezy10 | libcurl4-gnutls-dev_7.26.0-1+wheezy10_s390x.deb |
| Debian | 7 | sparc | libcurl4-gnutls-dev | < 7.26.0-1+wheezy10 | libcurl4-gnutls-dev_7.26.0-1+wheezy10_sparc.deb |
| Debian | 7 | amd64 | libcurl4-gnutls-dev | < 7.26.0-1+wheezy10 | libcurl4-gnutls-dev_7.26.0-1+wheezy10_amd64.deb |
| Debian | 7 | amd64 | libcurl4-openssl-dev | < 7.26.0-1+wheezy10 | libcurl4-openssl-dev_7.26.0-1+wheezy10_amd64.deb |
| Debian | 7 | kfreebsd-amd64 | libcurl4-openssl-dev | < 7.26.0-1+wheezy10 | libcurl4-openssl-dev_7.26.0-1+wheezy10_kfreebsd-amd64.deb |
| Debian | 7 | mips | libcurl4-gnutls-dev | < 7.26.0-1+wheezy10 | libcurl4-gnutls-dev_7.26.0-1+wheezy10_mips.deb |
| Debian | 7 | i386 | libcurl4-gnutls-dev | < 7.26.0-1+wheezy10 | libcurl4-gnutls-dev_7.26.0-1+wheezy10_i386.deb |
| Debian | 7 | mipsel | curl | < 7.26.0-1+wheezy10 | curl_7.26.0-1+wheezy10_mipsel.deb |
| Debian | 7 | kfreebsd-i386 | libcurl3-nss | < 7.26.0-1+wheezy10 | libcurl3-nss_7.26.0-1+wheezy10_kfreebsd-i386.deb |
Related
prion
prion
Code injection
2014-11-18 15:59:00
veracode
veracode
openvas
openvas
Debian: Security Advisory (DLA-64-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0384)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-3022-1)
2014-09-09 00:00:00
osv
osv
curl - security update
2014-09-26 00:00:00
curl - security update
2014-09-10 00:00:00
nessus
nessus
Debian DLA-64-1 : curl security update
2015-03-26 00:00:00
Mandriva Linux Security Advisory : curl (MDVSA-2014:187)
2014-09-26 00:00:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2014-09-24 20:44:28
Updated curl packages fix security vulnerabilities
2014-09-24 20:44:28
ubuntucve
ubuntucve
CVE-2014-3613
2014-09-10 00:00:00
cve
cve
CVE-2014-3613
2014-11-18 15:59:00
debiancve
debiancve
CVE-2014-3613
2014-11-18 15:59:00
suse
suse
curl (important)
2014-09-17 23:04:13
debian
debian
[SECURITY] [DSA 3022-1] curl security update
2014-09-10 17:51:18
ubuntu
ubuntu
curl vulnerabilities
2014-09-15 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in cURL and libcURL affect IBM Security Access Manager (CVE-2014-3613, CVE-2014-8150)
2018-06-16 21:39:01
amazon
amazon
Medium: curl
2014-09-17 21:45:00
securityvulns
securityvulns
libcurl information leakage
2014-09-15 00:00:00
[SECURITY] [DSA 3022-1] curl security update
2014-09-15 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: curl-7.37.0-7.fc21
2014-09-23 04:25:49
[SECURITY] Fedora 20 Update: curl-7.32.0-13.fc20
2014-09-14 03:27:04
[SECURITY] Fedora 21 Update: mingw-curl-7.39.0-1.fc21
2015-01-02 05:06:16
f5
f5
oraclelinux
oraclelinux
curl security, bug fix, and enhancement update
2015-07-28 00:00:00
curl security, bug fix, and enhancement update
2015-11-23 00:00:00
centos
centos
curl, libcurl security update
2015-07-26 14:12:23
curl, libcurl security update
2015-11-30 19:26:37
redhat
redhat
(RHSA-2015:2159) Moderate: curl security, bug fix, and enhancement update
2015-11-19 14:41:12
(RHSA-2015:1254) Moderate: curl security, bug fix, and enhancement update
2015-07-22 05:29:46
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0420
2023-07-05 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0603
2023-06-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.4%
Related for DEBIAN:DLA-64-1:CEBAF