ID CVE-2016-8622
Summary The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get either just truncated or both truncated and turned negative. That could then lead to libcurl writing outside of its heap based buffer.
References
Vulnerable Configurations
  • cpe:2.3:a:haxx:libcurl:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.1:beta:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.1:beta:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:6.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:6.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.39.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.39.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.42:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 13-11-2018 - 11:29)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2018:2486
  • rhsa
    id RHSA-2018:3558
rpms
  • httpd24-curl-0:7.61.1-1.el6
  • httpd24-curl-0:7.61.1-1.el7
  • httpd24-curl-debuginfo-0:7.61.1-1.el6
  • httpd24-curl-debuginfo-0:7.61.1-1.el7
  • httpd24-httpd-0:2.4.34-7.el6
  • httpd24-httpd-0:2.4.34-7.el7
  • httpd24-httpd-debuginfo-0:2.4.34-7.el6
  • httpd24-httpd-debuginfo-0:2.4.34-7.el7
  • httpd24-httpd-devel-0:2.4.34-7.el6
  • httpd24-httpd-devel-0:2.4.34-7.el7
  • httpd24-httpd-manual-0:2.4.34-7.el6
  • httpd24-httpd-manual-0:2.4.34-7.el7
  • httpd24-httpd-tools-0:2.4.34-7.el6
  • httpd24-httpd-tools-0:2.4.34-7.el7
  • httpd24-libcurl-0:7.61.1-1.el6
  • httpd24-libcurl-0:7.61.1-1.el7
  • httpd24-libcurl-devel-0:7.61.1-1.el6
  • httpd24-libcurl-devel-0:7.61.1-1.el7
  • httpd24-libnghttp2-0:1.7.1-7.el6
  • httpd24-libnghttp2-0:1.7.1-7.el7
  • httpd24-libnghttp2-devel-0:1.7.1-7.el6
  • httpd24-libnghttp2-devel-0:1.7.1-7.el7
  • httpd24-mod_ldap-0:2.4.34-7.el6
  • httpd24-mod_ldap-0:2.4.34-7.el7
  • httpd24-mod_md-0:2.4.34-7.el7
  • httpd24-mod_proxy_html-1:2.4.34-7.el6
  • httpd24-mod_proxy_html-1:2.4.34-7.el7
  • httpd24-mod_session-0:2.4.34-7.el6
  • httpd24-mod_session-0:2.4.34-7.el7
  • httpd24-mod_ssl-1:2.4.34-7.el6
  • httpd24-mod_ssl-1:2.4.34-7.el7
  • httpd24-nghttp2-0:1.7.1-7.el6
  • httpd24-nghttp2-0:1.7.1-7.el7
  • httpd24-nghttp2-debuginfo-0:1.7.1-7.el6
  • httpd24-nghttp2-debuginfo-0:1.7.1-7.el7
refmap via4
bid 94105
confirm
gentoo GLSA-201701-47
sectrack 1037192
Last major update 13-11-2018 - 11:29
Published 31-07-2018 - 21:29
Last modified 13-11-2018 - 11:29
Back to Top