Lucene search
Gentoo FoundationMGASA-2014-0384HistorySep 24, 2014 - 8:44 p.m.
Updated curl packages fix security vulnerabilities
2014-09-2420:44:28
Gentoo Foundation
advisories.mageia.org
10
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.4%
Updated curl packages fix security vulnerabilities: In cURL before 7.38.0, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. For this problem to trigger, the client application must use the numerical IP address in the URL to access the site (CVE-2014-3613).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | curl | < 7.28.1-6.5 | curl-7.28.1-6.5.mga3 |
Related
prion
prion
Code injection
2014-11-18 15:59:00
veracode
veracode
nessus
nessus
Debian DLA-64-1 : curl security update
2015-03-26 00:00:00
Mandriva Linux Security Advisory : curl (MDVSA-2014:187)
2014-09-26 00:00:00
cve
cve
CVE-2014-3613
2014-11-18 15:59:00
ubuntucve
ubuntucve
CVE-2014-3613
2014-09-10 00:00:00
debian
debian
[SECURITY] [DLA 64-1] curl security update
2014-09-26 21:36:05
[SECURITY] [DSA 3022-1] curl security update
2014-09-10 17:51:18
debiancve
debiancve
CVE-2014-3613
2014-11-18 15:59:00
osv
osv
curl - security update
2014-09-26 00:00:00
curl - security update
2014-09-10 00:00:00
suse
suse
curl (important)
2014-09-17 23:04:13
openvas
openvas
Debian Security Advisory DSA 3022-1 (curl - security update)
2014-09-10 00:00:00
Debian Security Advisory DSA 3022-1 (curl - security update)
2014-09-10 00:00:00
openSUSE: Security Advisory for curl (openSUSE-SU-2014:1139-1)
2014-09-18 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2014-09-15 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in cURL and libcURL affect IBM Security Access Manager (CVE-2014-3613, CVE-2014-8150)
2018-06-16 21:39:01
mageia
mageia
Updated curl packages fix security vulnerabilities
2014-09-24 20:44:28
amazon
amazon
Medium: curl
2014-09-17 21:45:00
securityvulns
securityvulns
libcurl information leakage
2014-09-15 00:00:00
[SECURITY] [DSA 3022-1] curl security update
2014-09-15 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: curl-7.37.0-7.fc21
2014-09-23 04:25:49
[SECURITY] Fedora 20 Update: curl-7.32.0-13.fc20
2014-09-14 03:27:04
[SECURITY] Fedora 21 Update: mingw-curl-7.39.0-1.fc21
2015-01-02 05:06:16
f5
f5
redhat
redhat
(RHSA-2015:2159) Moderate: curl security, bug fix, and enhancement update
2015-11-19 14:41:12
(RHSA-2015:1254) Moderate: curl security, bug fix, and enhancement update
2015-07-22 05:29:46
oraclelinux
oraclelinux
curl security, bug fix, and enhancement update
2015-11-23 00:00:00
curl security, bug fix, and enhancement update
2015-07-28 00:00:00
centos
centos
curl, libcurl security update
2015-07-26 14:12:23
curl, libcurl security update
2015-11-30 19:26:37
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0420
2023-07-05 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0603
2023-06-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.4%
Related for MGASA-2014-0384