Lucene search

K
nvd[email protected]NVD:CVE-2014-3620
HistoryNov 18, 2014 - 3:59 p.m.

CVE-2014-3620

2014-11-1815:59:01
CWE-310
web.nvd.nist.gov
7

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

9.5

Confidence

High

EPSS

0.006

Percentile

77.8%

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.

Affected configurations

Nvd
Node
haxxcurlRange7.37.1
OR
haxxcurlMatch7.31.0
OR
haxxcurlMatch7.32.0
OR
haxxcurlMatch7.33.0
OR
haxxcurlMatch7.34.0
OR
haxxcurlMatch7.35.0
OR
haxxcurlMatch7.36.0
OR
haxxcurlMatch7.37.0
Node
haxxlibcurlRange7.37.1
OR
haxxlibcurlMatch7.31.0
OR
haxxlibcurlMatch7.32.0
OR
haxxlibcurlMatch7.33.0
OR
haxxlibcurlMatch7.34.0
OR
haxxlibcurlMatch7.35.0
OR
haxxlibcurlMatch7.36.0
OR
haxxlibcurlMatch7.37.0
Node
applemac_os_xRange10.10.4
VendorProductVersionCPE
haxxcurl*cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*
haxxcurl7.31.0cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*
haxxcurl7.32.0cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*
haxxcurl7.33.0cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*
haxxcurl7.34.0cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*
haxxcurl7.35.0cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*
haxxcurl7.36.0cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*
haxxcurl7.37.0cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*
haxxlibcurl*cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*
haxxlibcurl7.31.0cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 171

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

9.5

Confidence

High

EPSS

0.006

Percentile

77.8%