Vulnerability & Exploit Database

Back to search

Gentoo Linux: CVE-2015-3236: cURL: Multiple vulnerabilities

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:P/I:N/A:N) June 21, 2015 October 29, 2017 October 29, 2017

Description

cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

gentoo-linux-upgrade-net-misc-curl

Related Vulnerabilities