2 matches found
PT-2015-6076 · Curl +4 · Libcurl +4
Name of the Vulnerable Software and Affected Versions: libcurl versions 7.31.0 through 7.41.0 Description: The issue arises from the sanitize cookie path function not properly validating input, specifically when encountering a cookie path containing only a double-quote character. This can lead to...
UBUNTU-CVE-2015-3145
The sanitizecookiepath function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service out-of-bounds write and crash or possibly have other unspecified impact via a cookie path containing only a double-quote...