- Home
- CVEs with nessus.description==This update fixes the following security issues :
- URL request injection (bnc#911363) When libcurl sends a request to a server via a HTTP proxy, it copies the entire URL into the request and sends if off.
(CVE-2014-8150)
If the given URL contains line feeds and carriage returns those will be sent along to the proxy too, which allows the program to for example send a separate HTTP request injected embedded in the URL.
- duphandle read out of bounds. (bnc#901924).
(CVE-2014-3707)
- libcurl cookie leaks (bnc#894575) Additional bug fixed:.
(CVE-2014-3613)
- curl_multi_remove_handle: don't crash on multiple removes (bnc#897816)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top