Lucene search
CVE-2013-6422
🗓️ 23 Dec 2013 22:02:55Reported by Debian Security Bug TrackerType 
debiancve🔗 security-tracker.debian.org👁 28 Views
The GnuTLS backend in libcurl 7.21.4 through 7.33.0 disables host name field verification, allowing for easier spoofing and MITM attacks
Show more
| Reporter | Title | Published | Views | Family All 37 |
|---|---|---|---|---|
 | Debian DSA-2824-1 : curl - unchecked tls/ssl certificate host name | 20 Dec 201300:00 | – | nessus |
| FreeBSD : cURL library -- cert name check ignore with GnuTLS (4e1f4abc-6837-11e3-9cda-3c970e169bc2) | 19 Dec 201300:00 | – | nessus |
| Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : curl vulnerability (USN-2058-1) | 19 Dec 201300:00 | – | nessus |
| EulerOS 2.0 SP3 : curl (EulerOS-SA-2021-1774) | 30 Apr 202100:00 | – | nessus |
| GLSA-201401-14 : cURL: Multiple vulnerabilities | 21 Jan 201400:00 | – | nessus |
| EulerOS 2.0 SP2 : curl (EulerOS-SA-2020-1626) | 17 Jun 202000:00 | – | nessus |
| EulerOS Virtualization 2.5.3 : curl (EulerOS-SA-2019-1172) | 9 Apr 201900:00 | – | nessus |
| HP System Management Homepage < 7.4 Multiple Vulnerabilities | 8 Oct 201400:00 | – | nessus |
 | CVE-2013-6422 | 23 Dec 201322:55 | – | nvd |
 | cURL library -- cert name check ignore with GnuTLS | 17 Dec 201300:00 | – | freebsd |
10
| OS | OS Version | Architecture | Package | Package Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | curl | 7.34.0-1 | curl_7.34.0-1_all.deb |
| Debian | 11 | all | curl | 7.34.0-1 | curl_7.34.0-1_all.deb |
| Debian | 999 | all | curl | 7.34.0-1 | curl_7.34.0-1_all.deb |
| Debian | 13 | all | curl | 7.34.0-1 | curl_7.34.0-1_all.deb |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo23 Dec 2013 22:55Current
8.7High risk
Vulners AI Score8.7
CVSS24
EPSS0.00344