Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
haxx libcurl 7.41.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-3236
cURL and libcurl 7.40.0 up to and including 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote malicious users to obtain sensitive in...
Haxx Curl 7.40.0
Haxx Libcurl 7.40.0
Haxx Curl 7.42.0
Haxx Libcurl 7.42.1
Haxx Libcurl 7.41.0
Haxx Curl 7.42.1
Haxx Curl 7.41.0
Haxx Libcurl 7.42.0
NA
CVE-2015-3144
The fix_hostname function in cURL and libcurl 7.37.0 up to and including 7.41.0 does not properly calculate an index, which allows remote malicious users to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-leng...
Oracle Mysql Enterprise Monitor
Haxx Curl 7.40.0
Haxx Curl 7.38.0
Haxx Curl 7.41.0
Haxx Curl 7.37.1
Haxx Curl 7.37.0
Haxx Curl 7.39.0
Haxx Libcurl 7.37.0
Haxx Libcurl 7.40.0
Haxx Libcurl 7.41.0
Haxx Libcurl 7.38.0
Haxx Libcurl 7.37.1
Haxx Libcurl 7.39
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
NA
CVE-2015-3237
The smb_request_state function in cURL and libcurl 7.40.0 up to and including 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
Haxx Curl 7.40.0
Haxx Libcurl 7.40.0
Haxx Curl 7.42.0
Haxx Libcurl 7.42.1
Haxx Libcurl 7.41.0
Haxx Curl 7.42.1
Haxx Curl 7.41.0
Haxx Libcurl 7.42.0
Hp System Management Homepage
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Glassfish Server 3.1.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Glassfish Server 3.0.1
Oracle Enterprise Manager Ops Center 12.1.4
NA
CVE-2015-3145
The sanitize_cookie_path function in cURL and libcurl 7.31.0 up to and including 7.41.0 does not properly calculate an index, which allows remote malicious users to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie pa...
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Haxx Curl 7.35.0
Haxx Curl 7.32.0
Haxx Curl 7.40.0
Haxx Curl 7.33.0
Haxx Curl 7.36.0
Haxx Curl 7.38.0
Haxx Curl 7.31.0
Haxx Curl 7.41.0
Haxx Curl 7.34.0
Haxx Curl 7.37.1
Haxx Curl 7.37.0
Haxx Curl 7.39.0
Apple Mac Os X 10.10.0
Apple Mac Os X 10.10.4
Apple Mac Os X 10.10.1
1 Github repository
5.3
CVSSv3
CVE-2016-3739
The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) polarssl_connect_step1 function in lib/vtls/polarssl.c in cURL and libcurl prior to 7.49.0, when using SSLv3 or making a TLS connection to a URL that uses a numerical IP address, allow remote malicious users to spo...
Haxx Curl 7.21.3
Haxx Curl 7.24.0
Haxx Curl 7.35.0
Haxx Curl 7.21.5
Haxx Curl 7.21.1
Haxx Curl 7.32.0
Haxx Curl 7.40.0
Haxx Curl 7.29.0
Haxx Curl 7.48.0
Haxx Curl 7.22.0
Haxx Curl 7.33.0
Haxx Curl 7.45.0
Haxx Curl 7.44.0
Haxx Curl 7.26.0
Haxx Curl 7.23.1
Haxx Curl 7.25.0
Haxx Curl 7.36.0
Haxx Curl 7.21.6
Haxx Curl 7.30.0
Haxx Curl 7.27.0
Haxx Curl 7.38.0
Haxx Curl 7.21.2
7.5
CVSSv3
CVE-2020-8286
curl 7.41.0 up to and including 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
Haxx Libcurl
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Bootstrap Os -
Netapp Hci Storage Node Firmware -
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos
Siemens Simatic Tim 1531 Irc Firmware
Siemens Sinec Infrastructure Network Services
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Oracle Communications Cloud Native Core Policy 1.14.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started