CVE-2016-8623

Опубликовано: 01 авг. 2018

Источник: debian

EPSS Низкий

Описание

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
curl	fixed	7.51.0-1		package

Примечания

https://github.com/curl/curl/commit/c5be3d7267c725dbd093ff3a883e07ee8cf2a1d5
https://curl.haxx.se/docs/adv_20161102I.html
https://curl.haxx.se/CVE-2016-8623.patch

EPSS

Процентиль: 69%

0.00619

Низкий

Связанные уязвимости

CVE-2016-8623

CVSS3: 3.3

ubuntu

около 7 лет назад

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.

CVE-2016-8623

CVSS3: 3.3

redhat

почти 9 лет назад

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.

CVE-2016-8623

CVSS3: 3.3

nvd

около 7 лет назад

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.

GHSA-jfjh-88vc-36cr

CVSS3: 7.5

github

больше 3 лет назад

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.

openSUSE-SU-2016:2768-1

suse-cvrf

почти 9 лет назад

Security update for curl

EPSS

Процентиль: 69%

0.00619

Низкий