Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-3148HistoryApr 24, 2015 - 2:59 p.m.
CVE-2015-3148
2015-04-2414:59:11
Debian Security Bug Tracker
security-tracker.debian.org
16
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.5%
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | curl | < 7.42.0-1 | curl_7.42.0-1_all.deb |
| Debian | 11 | all | curl | < 7.42.0-1 | curl_7.42.0-1_all.deb |
| Debian | 999 | all | curl | < 7.42.0-1 | curl_7.42.0-1_all.deb |
| Debian | 13 | all | curl | < 7.42.0-1 | curl_7.42.0-1_all.deb |
Related
prion
prion
Cross site request forgery (csrf)
2015-04-24 14:59:00
Code injection
2018-03-12 15:29:00
cvelist
cvelist
CVE-2015-3148
2015-04-24 14:00:00
CVE-2017-2628
2018-03-12 15:00:00
f5
f5
K16707 : cURL and libcurl vulnerability CVE-2015-3148
2015-05-29 00:00:00
SOL16707 - cURL and libcurl vulnerability CVE-2015-3148
2015-05-29 00:00:00
K35453761 : cURL and libcurl vulnerability CVE-2017-2628
2018-03-28 00:00:00
nessus
nessus
F5 Networks BIG-IP : cURL and libcurl vulnerability (K16707)
2016-08-29 00:00:00
NewStart CGSL MAIN 4.05 : curl Vulnerability (NS-SA-2019-0104)
2019-08-12 00:00:00
Debian DLA-211-1 : curl security update
2015-04-30 00:00:00
cve
cve
CVE-2015-3148
2015-04-24 14:59:11
CVE-2017-2628
2018-03-12 15:29:00
veracode
veracode
Authentication Bypass
2018-05-16 08:57:04
Arbitrary Code Execution
2019-01-15 09:16:50
CRLF Injection
2019-05-02 05:40:50
ubuntucve
ubuntucve
CVE-2015-3148
2015-04-22 00:00:00
CVE-2017-2628
2018-03-12 00:00:00
nvd
nvd
CVE-2015-3148
2015-04-24 14:59:11
CVE-2017-2628
2018-03-12 15:29:00
securityvulns
securityvulns
[ MDVSA-2015:220 ] curl
2015-05-04 00:00:00
[USN-2591-1] curl vulnerabilities
2015-05-05 00:00:00
cURL security vulnerabilitiies
2015-11-01 00:00:00
openvas
openvas
RedHat Update for curl RHSA-2017:0847-01
2017-04-07 00:00:00
Debian: Security Advisory (DLA-211-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2015-0179)
2022-01-28 00:00:00
redhat
redhat
(RHSA-2017:0847) Moderate: curl security update
2017-03-29 05:37:28
(RHSA-2015:1254) Moderate: curl security, bug fix, and enhancement update
2015-07-22 05:29:46
(RHSA-2015:2159) Moderate: curl security, bug fix, and enhancement update
2015-11-19 14:41:12
debiancve
debiancve
CVE-2017-2628
2018-03-12 15:29:00
debian
debian
[SECURITY] [DLA 211-1] curl security update
2015-04-29 20:42:59
[SECURITY] [DSA 3232-1] curl security update
2015-04-22 12:08:24
osv
osv
CVE-2017-2628
2018-03-12 15:29:00
curl - security update
2015-04-29 00:00:00
curl - security update
2015-04-22 00:00:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2015-05-03 03:19:16
kaspersky
kaspersky
KLA10566 Multiple vulnerabilities in cURL
2015-04-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.42.0-alt1
2015-04-22 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: curl-7.40.0-3.fc22
2015-04-26 12:43:00
[SECURITY] Fedora 22 Update: mingw-curl-7.42.0-1.fc22
2015-05-01 16:51:59
[SECURITY] Fedora 21 Update: curl-7.37.0-14.fc21
2015-05-02 18:11:42
amazon
amazon
Medium: curl
2015-04-22 16:14:00
ibm
ibm
Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection
2018-06-16 21:30:39
Security Bulletin: Multiple vulnerabilities in curl affect PowerKVM
2018-06-18 01:30:31
oraclelinux
oraclelinux
curl security, bug fix, and enhancement update
2015-11-23 00:00:00
curl security, bug fix, and enhancement update
2015-07-28 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2015-04-30 00:00:00
centos
centos
curl, libcurl security update
2015-11-30 19:26:37
curl, libcurl security update
2015-07-26 14:12:23
archlinux
archlinux
curl: multiple issues
2015-04-24 00:00:00
gentoo
gentoo
cURL: Multiple vulnerabilities
2015-09-24 00:00:00
slackware
slackware
[slackware-security] curl
2015-10-29 22:48:27
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.5%
Related for DEBIANCVE:CVE-2015-3148