Описание
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 7.29.0-1ubuntu3 |
| hardy | released | 7.18.0-1ubuntu2.4 |
| lucid | released | 7.19.7-1ubuntu1.2 |
| oneiric | released | 7.21.6-3ubuntu3.3 |
| precise | released | 7.22.0-3ubuntu4.1 |
| quantal | released | 7.27.0-1ubuntu1.2 |
| upstream | released | 7.30.0 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 d ...
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
EPSS
5 Medium
CVSS2