CVE-2014-3620

Опубликовано: 18 нояб. 2014

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

Описание

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.

Релиз	Статус	Примечание
devel	released	7.37.1-1ubuntu2
esm-infra-legacy/trusty	released	7.35.0-1ubuntu2.1
lucid	not-affected
precise	not-affected	7.22.0-3ubuntu4.8
trusty	released	7.35.0-1ubuntu2.1
trusty/esm	released	7.35.0-1ubuntu2.1
upstream	released	7.38.0

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%

0.01306

Низкий

5 Medium

CVSS2

Связанные уязвимости

CVE-2014-3620

redhat

больше 11 лет назад

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.

CVE-2014-3620

nvd

около 11 лет назад

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.

CVE-2014-3620

debian

около 11 лет назад

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Sa ...

GHSA-jcjc-gx52-c9q4

github

больше 3 лет назад

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.

EPSS

Процентиль: 79%

0.01306

Низкий

5 Medium

CVSS2

CVE-2014-3620

Описание

Пакет curl

Ссылки на источники

Связанные уязвимости