3 matches found
cURL/libcurl 7.x < 7.51.0 Multiple Vulnerabilities
Binary data 9826.prm...
curl: URL request injection vulnerability in parseurlandfillconn()
It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct...
cURL/libcURL Remote Security Restriction Bypass Vulnerability
cURL/libcURL is a command line file transfer tool that supports FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. cURL/libcURL versions 6.0-7.39.0 contain a URL request injection vulnerability in the implementation of parseurlandfillconn, which can be exploited by attackers to bypass...