The curl package in Ubuntu 14.10, 14.04 ESM, 12.04, and 10.04 is vulnerable to memory handling issues when used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle, leading to potential sensitive data leakage
Reporter | Title | Published | Views | Family All 106 |
---|---|---|---|---|
![]() | [SECURITY] [DSA 3069-1] curl security update | 7 Nov 201415:40 | – | debian |
![]() | [SECURITY] [DLA 84-1] curl security update | 9 Nov 201416:18 | – | debian |
![]() | [SECURITY] [DSA 3069-1] curl security update | 7 Nov 201415:40 | – | debian |
![]() | Debian DSA-3069-1 : curl - security update | 10 Nov 201400:00 | – | nessus |
![]() | Fedora 21 : curl-7.37.0-11.fc21 (2014-16605) | 15 Dec 201400:00 | – | nessus |
![]() | Oracle Solaris Third-Party Patch Update : libcurl (cve_2014_3707_information_disclosure) | 19 Jan 201500:00 | – | nessus |
![]() | Debian DLA-84-1 : curl security update | 26 Mar 201500:00 | – | nessus |
![]() | Fedora 19 : curl-7.29.0-27.fc19 (2014-16690) | 5 Jan 201500:00 | – | nessus |
![]() | Ubuntu 14.04 LTS : curl vulnerability (USN-2399-1) | 11 Nov 201400:00 | – | nessus |
![]() | Fedora 20 : curl-7.32.0-15.fc20 (2014-14354) | 11 Nov 201400:00 | – | nessus |
Source | Link |
---|---|
ubuntu | www.ubuntu.com/security/CVE-2014-3707 |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.10 | noarch | libcurl3 | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | curl | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | curl-udeb | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libcurl3-dbg | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libcurl3-gnutls | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libcurl3-nss | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libcurl3-udeb | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libcurl4-gnutls-dev | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libcurl4-nss-dev | 7.37.1-1ubuntu3.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libcurl4-openssl-dev | 7.37.1-1ubuntu3.1 | UNKNOWN |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo