Vulnerabilities > Haxx > Libcurl > 7.38.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-03 | CVE-2016-7141 | Improper Authentication vulnerability in multiple products curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420. | 5.0 |
| 2016-08-10 | CVE-2016-5421 | Use After Free vulnerability in multiple products Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors. | 8.1 |
| 2016-08-10 | CVE-2016-5420 | Improper Authorization vulnerability in multiple products curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. | 7.5 |
| 2016-08-10 | CVE-2016-5419 | Cryptographic Issues vulnerability in multiple products curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session. | 7.5 |
| 2015-05-01 | CVE-2015-3153 | Information Exposure vulnerability in multiple products The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents. | 5.0 |
| 2015-04-24 | CVE-2015-3148 | Improper Access Control vulnerability in multiple products cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. | 5.0 |
| 2015-04-24 | CVE-2015-3145 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character. | 7.5 |
| 2015-04-24 | CVE-2015-3144 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80." The previous CVSS assessment 7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) was provided at the time of initial analysis based on the best available published information at that time. | 9.0 |
| 2015-04-24 | CVE-2015-3143 | Permissions, Privileges, and Access Controls vulnerability in multiple products cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. | 5.0 |
| 2015-01-15 | CVE-2014-8151 | The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | 5.8 |