Max CVSS 5.0 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-8624 5.0
curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for
29-06-2021 - 15:15 31-07-2018 - 21:29
CVE-2017-14063 5.0
Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL (CVE
16-12-2020 - 06:15 31-08-2017 - 16:29
CVE-2017-14063 5.0
Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL (CVE
25-09-2020 - 15:15 31-08-2017 - 16:29
Back to Top Mark selected
Back to Top