Vulnerability & Exploit Database

Back to search

Oracle Solaris 11: CVE-2015-3236: Vulnerability in libcurl

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:P/I:N/A:N) June 22, 2015 May 29, 2017 May 29, 2017


cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now




Related Vulnerabilities