Lucene search
Ubuntu.comUB:CVE-2015-3144HistoryApr 22, 2015 - 12:00 a.m.
CVE-2015-3144
2015-04-2200:00:00
ubuntu.com
ubuntu.com
12
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.065 Low
EPSS
Percentile
93.8%
The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does
not properly calculate an index, which allows remote attackers to cause a
denial of service (out-of-bounds read or write and crash) or possibly have
other unspecified impact via a zero-length host name, as demonstrated by
“http://:80” and “:80.”
Notes
| Author | Note |
|---|---|
| mdeslaur | 7.37.0+ |
Related
nvd
nvd
CVE-2015-3144
2015-04-24 14:59:09
debiancve
debiancve
CVE-2015-3144
2015-04-24 14:59:09
cvelist
cvelist
CVE-2015-3144
2015-04-24 14:00:00
prion
prion
Out-of-bounds
2015-04-24 14:59:00
cve
cve
CVE-2015-3144
2015-04-24 14:59:09
nessus
nessus
MySQL Enterprise Monitor 2.3.x < 2.3.21 / 3.0.x < 3.0.23 Multiple Vulnerabilities
2015-10-22 00:00:00
Amazon Linux AMI : curl (ALAS-2015-514)
2015-04-27 00:00:00
cURL / libcURL 7.x < 7.42.0 Multiple Vulnerabilities
2015-09-15 00:00:00
f5
f5
SOL16708 - cURL and libcurl vulnerabilities CVE-2015-3144 and CVE-2015-3145
2015-05-29 00:00:00
K16708 : cURL and libcurl vulnerabilities CVE-2015-3144 and CVE-2015-3145
2015-05-29 00:00:00
hackerone
hackerone
Imgur: SSRF in https://imgur.com/vidgif/url
2016-02-10 18:53:22
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2015-514)
2015-09-08 00:00:00
Fedora Update for curl FEDORA-2015-6695
2015-07-07 00:00:00
Debian Security Advisory DSA 3232-1 (curl - security update)
2015-04-22 00:00:00
kaspersky
kaspersky
KLA10566 Multiple vulnerabilities in cURL
2015-04-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.42.0-alt1
2015-04-22 00:00:00
debian
debian
[SECURITY] [DSA 3232-1] curl security update
2015-04-22 12:08:24
fedora
fedora
[SECURITY] Fedora 22 Update: curl-7.40.0-3.fc22
2015-04-26 12:43:00
[SECURITY] Fedora 21 Update: curl-7.37.0-14.fc21
2015-05-02 18:11:42
[SECURITY] Fedora 21 Update: mingw-curl-7.42.0-1.fc21
2015-05-04 15:28:35
osv
osv
curl - security update
2015-04-22 00:00:00
amazon
amazon
Medium: curl
2015-04-22 16:14:00
securityvulns
securityvulns
[USN-2591-1] curl vulnerabilities
2015-05-05 00:00:00
cURL security vulnerabilitiies
2015-11-01 00:00:00
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
2015-08-17 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2015-04-30 00:00:00
archlinux
archlinux
curl: multiple issues
2015-04-24 00:00:00
gentoo
gentoo
cURL: Multiple vulnerabilities
2015-09-24 00:00:00
slackware
slackware
[slackware-security] curl
2015-10-29 22:48:27
oracle
oracle
Oracle Critical Patch Update Advisory - October 2015
2015-10-20 00:00:00
Oracle Critical Patch Update - October 2018
2018-12-18 00:00:00
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.065 Low
EPSS
Percentile
93.8%
Related for UB:CVE-2015-3144