Lucene search
Basic search
Lucene search
Search by product
Subscribe
K
Start 30-day trial
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SIGN IN
OracleLinux
ELSA-2015-1254
History
Jul 28, 2015 - 12:00 a.m.
Vulners
/
Oraclelinux
/
curl security, bug fix, and enhancement update
curl security, bug fix, and enhancement update
2015-07-28
00:00:00
linux.oracle.com
22
0.009 Low
EPSS
Percentile
83.2%
JSON
[7.19.7-46]
require credentials to match for NTLM re-use (CVE-2015-3143)
close Negotiate connections when done (CVE-2015-3148)
[7.19.7-45]
reject CRLFs in URLs passed to proxy (CVE-2014-8150)
[7.19.7-44]
use only full matches for hosts used as IP address in cookies (CVE-2014-3613)
fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)
[7.19.7-43]
fix manpage typos found using aspell (#1011101)
fix comments about loading CA certs with NSS in man pages (#1011083)
fix handling of DNS cache timeout while a transfer is in progress (#835898)
eliminate unnecessary inotify events on upload via file protocol (#883002)
use correct socket type in the examples (#997185)
do not crash if MD5 fingerprint is not provided by libssh2 (#1008178)
fix SIGSEGV of curl --retry when network is down (#1009455)
allow to use TLS 1.1 and TLS 1.2 (#1012136)
docs: update the links to cipher-suites supported by NSS (#1104160)
allow to use ECC ciphers if NSS implements them (#1058767)
make curl --trace-time print correct time (#1120196)
let tool call PR_Cleanup() on exit if NSPR is used (#1146528)
ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth (#1154747)
allow to enable/disable new AES cipher-suites (#1156422)
include response headers added by proxy in CURLINFO_HEADER_SIZE (#1161163)
disable libcurl-level downgrade to SSLv3 (#1154059)
[7.19.7-42]
do not force connection close after failed HEAD request (#1168137)
fix occasional SIGSEGV during SSL handshake (#1168668)
[7.19.7-41]
fix a connection failure when FTPS handle is reused (#1154663)
Related
openvas 41
centos 2
nessus 56
ibm 10
veracode 6
oraclelinux 1
redhat 2
f5 4
fedora 11
amazon 2
securityvulns 6
debian 9
osv 7
mageia 4
kaspersky 1
altlinux 1
archlinux 3
ubuntucve 4
hackerone 2
debiancve 4
freebsd 2
cve 4
prion 4
cvelist 4
ubuntu 3
checkpoint_advisories 1
nvd 4
gentoo 1
openvas
openvas
41
Oracle: Security Advisory (ELSA-2015-2159)
2015-11-24 00:00:00
Oracle: Security Advisory (ELSA-2015-1254)
2015-10-06 00:00:00
RedHat Update for curl RHSA-2015:2159-06
2015-11-20 00:00:00
centos
centos
curl, libcurl security update
2015-11-30 19:26:37
curl, libcurl security update
2015-07-26 14:12:23
nessus
nessus
56
Scientific Linux Security Update : curl on SL6.x i386/x86_64 (20150722)
2015-08-04 00:00:00
CentOS 7 : curl (CESA-2015:2159)
2015-12-02 00:00:00
RHEL 6 : curl (RHSA-2015:1254)
2015-07-22 00:00:00
ibm
ibm
10
Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection
2018-06-16 21:30:39
Security Bulletin: Multiple vulnerabilities in curl affect PowerKVM
2018-06-18 01:30:31
Security Bulletin: Vulnerabilities in curl affect IBM Security Network Intrusion Prevention System
2022-02-23 19:48:26
veracode
veracode
6
CRLF Injection
2019-05-02 05:40:50
Authentication Bypass
2018-05-16 08:57:04
Cookie Leak
2019-01-15 09:06:32
oraclelinux
oraclelinux
curl security, bug fix, and enhancement update
2015-11-23 00:00:00
redhat
redhat
(RHSA-2015:1254) Moderate: curl security, bug fix, and enhancement update
2015-07-22 05:29:46
(RHSA-2015:2159) Moderate: curl security, bug fix, and enhancement update
2015-11-19 14:41:12
f5
f5
4
K85307687 : cURL and libcurl vulnerabilities CVE-2014-3613, CVE-2014-3707, and CVE-2014-8150
2016-11-16 00:00:00
SOL85307687 - cURL and libcurl vulnerabilities CVE-2014-3613, CVE-2014-3707, and CVE-2014-8150
2016-11-16 00:00:00
SOL16707 - cURL and libcurl vulnerability CVE-2015-3148
2015-05-29 00:00:00
fedora
fedora
11
[SECURITY] Fedora 21 Update: mingw-curl-7.42.0-1.fc21
2015-05-04 15:28:35
[SECURITY] Fedora 22 Update: mingw-curl-7.42.0-1.fc22
2015-05-01 16:51:59
[SECURITY] Fedora 21 Update: curl-7.37.0-14.fc21
2015-05-02 18:11:42
amazon
amazon
Medium: curl
2015-02-11 19:36:00
Medium: curl
2015-04-22 16:14:00
securityvulns
securityvulns
6
[ MDVSA-2015:220 ] curl
2015-05-04 00:00:00
[ MDVSA-2015:021 ] curl
2015-01-13 00:00:00
libCurl headers injection
2015-01-13 00:00:00
debian
debian
9
[SECURITY] [DLA 211-1] curl security update
2015-04-29 20:42:59
[SECURITY] [DSA 3232-1] curl security update
2015-04-22 12:08:24
[SECURITY] [DLA 134-1] curl security update
2015-01-15 21:10:23
osv
osv
7
curl - security update
2015-04-29 00:00:00
curl - security update
2015-04-22 00:00:00
curl - security update
2015-01-15 00:00:00
mageia
mageia
4
Updated curl packages fix security vulnerabilities
2015-05-03 03:19:16
Updated curl packages fix CVE-2014-8150
2015-01-09 19:44:12
Updated curl packages fix security vulnerabilities
2014-09-24 20:44:28
kaspersky
kaspersky
KLA10566 Multiple vulnerabilities in cURL
2015-04-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.42.0-alt1
2015-04-22 00:00:00
archlinux
archlinux
curl: url request injection
2015-01-18 00:00:00
curl: multiple issues
2015-04-24 00:00:00
curl: out-of-bounds read
2014-11-11 00:00:00
ubuntucve
ubuntucve
4
CVE-2014-8150
2015-01-08 00:00:00
CVE-2015-3148
2015-04-22 00:00:00
CVE-2014-3707
2014-11-05 00:00:00
hackerone
hackerone
Internet Bug Bounty: libcurl: URL request injection
2014-12-25 00:00:00
Internet Bug Bounty: libcurl duphandle read out of bounds
2015-09-16 00:00:00
debiancve
debiancve
4
CVE-2014-8150
2015-01-15 15:59:06
CVE-2015-3148
2015-04-24 14:59:11
CVE-2014-3613
2014-11-18 15:59:00
freebsd
freebsd
cURL -- URL request injection vulnerability
2014-12-25 00:00:00
asterisk -- Mitigation for libcURL HTTP request injection vulnerability
2015-01-12 00:00:00
cve
cve
4
CVE-2014-8150
2015-01-15 15:59:06
CVE-2015-3148
2015-04-24 14:59:11
CVE-2014-3613
2014-11-18 15:59:00
prion
prion
4
Crlf injection
2015-01-15 15:59:00
Cross site request forgery (csrf)
2015-04-24 14:59:00
Out-of-bounds
2014-11-15 20:59:00
cvelist
cvelist
4
CVE-2014-8150
2015-01-15 15:00:00
CVE-2015-3148
2015-04-24 14:00:00
CVE-2014-3707
2014-11-15 20:00:00
ubuntu
ubuntu
curl vulnerability
2015-01-15 00:00:00
curl vulnerabilities
2015-04-30 00:00:00
curl vulnerability
2014-11-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Web Server HTTP Request URL Injection (CVE-2014-8150)
2016-08-28 00:00:00
nvd
nvd
4
CVE-2014-8150
2015-01-15 15:59:06
CVE-2015-3148
2015-04-24 14:59:11
CVE-2014-3707
2014-11-15 20:59:00
gentoo
gentoo
cURL: Multiple vulnerabilities
2015-09-24 00:00:00
0.009 Low
EPSS
Percentile
83.2%
JSON
Related for ELSA-2015-1254
openvas
41
centos
2
nessus
56
ibm
10
veracode
6
oraclelinux
1
redhat
2
f5
4
fedora
11
amazon
2
securityvulns
6
debian
9
osv
7
mageia
4
kaspersky
1
altlinux
1
archlinux
3
ubuntucve
4
hackerone
2
debiancve
4
freebsd
2
cve
4
prion
4
cvelist
4
ubuntu
3
checkpoint_advisories
1
nvd
4
gentoo
1