Описание
curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| .NET Core 1.0 on Red Hat Enterprise Linux | rh-dotnetcore10-curl | Affected | ||
| .NET Core 1.1 on Red Hat Enterprise Linux | rh-dotnetcore11-curl | Affected | ||
| .NET Core 2.0 on Red Hat Enterprise Linux | rh-dotnet20-curl | Affected | ||
| .NET Core 2.1 on Red Hat Enterprise Linux | rh-dotnet21-curl | Will not fix | ||
| Red Hat Enterprise Linux 5 | curl | Will not fix | ||
| Red Hat Enterprise Linux 6 | curl | Will not fix | ||
| Red Hat Enterprise Linux 7 | curl | Will not fix | ||
| Red Hat Enterprise Virtualization 3 | mingw-virt-viewer | Will not fix | ||
| Red Hat JBoss Enterprise Web Server 3 | curl | Fix deferred | ||
| Red Hat Software Collections for Red Hat Enterprise Linux 6 | httpd24-curl | Fixed | RHSA-2018:3558 | 13.11.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Связанные уязвимости
curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.
curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.
curl before version 7.51.0 uses outdated IDNA 2003 standard to handle ...
curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.
EPSS
5.3 Medium
CVSS3
4.3 Medium
CVSS2