vulnerability

SUSE: CVE-2016-8615: SUSE Linux Security Advisory

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Nov 3, 2016
Added
Nov 3, 2016
Modified
Feb 4, 2022

Description

A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar.

Solution(s)

suse-upgrade-curlsuse-upgrade-curl-openssl1suse-upgrade-libcurl-develsuse-upgrade-libcurl4suse-upgrade-libcurl4-32bitsuse-upgrade-libcurl4-openssl1suse-upgrade-libcurl4-openssl1-32bitsuse-upgrade-libcurl4-openssl1-x86suse-upgrade-libcurl4-x86suse-upgrade-sles12-docker-imagesuse-upgrade-sles12sp1-docker-image
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.