Action not permitted
Modal body text goes here.
cve-2015-3143
Vulnerability from cvelistv5
Published
2015-04-24 14:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:31.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF03544",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "FEDORA-2015-6853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"name": "DSA-3232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "74299",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74299"
},
{
"name": "RHSA-2015:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2015:0799",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "HPSBHF03544",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "FEDORA-2015-6853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"name": "DSA-3232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "74299",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74299"
},
{
"name": "RHSA-2015:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2015:0799",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF03544",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "FEDORA-2015-6853",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "http://curl.haxx.se/docs/adv_20150422A.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"name": "DSA-3232",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "74299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74299"
},
{
"name": "RHSA-2015:1254",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2015:0799",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0179.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3143",
"datePublished": "2015-04-24T14:00:00",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:31.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-3143\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-04-24T14:59:08.187\",\"lastModified\":\"2018-01-05T02:30:04.773\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.\"},{\"lang\":\"es\",\"value\":\"cURL y libcurl 7.10.6 hasta 7.41.0 no reutilizan correctamente las conexiones NTLM, lo que permite a atacantes remotos conectar como otros usuarios a trav\u00e9s de una solicitud no autenticada, un problema similar a CVE-2014-0015.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D65CDC0-580B-42B3-97E8-69BE44CDB68C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01001EEA-AB99-4041-8188-38CEBE9C3031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31DB0DA3-88B7-43ED-8102-CEBC28524CE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87596B6A-A7B3-4256-9982-45D3B6E3E018\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0045855F-A707-415A-AC12-6981B68B08E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B49807DC-0BDA-41F6-BB76-7C62328D245F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A78B6B8-9F4B-46AC-BB04-7EBADC690CBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFE80B46-33F0-4338-AF37-9E7E31FC5E83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD38D8C6-9EEE-4160-9353-773943A560B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD33549E-EFFB-466F-8B47-BE036D454693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16BB71C8-3564-4E69-A2C3-E9AB1F9EF20C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4966AA12-15DB-44E5-84AF-9D7AF4A52F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"827B6C8A-59C4-4714-9406-5C8EB5073AB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93A11305-E4FF-473B-9415-AF1F0E7A27D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8444095B-AF8F-42B5-BD4D-9CBE9238E42D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C22F23AE-02AB-42F0-AA16-D2F8C94E5DE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B33DE520-BD2A-4499-B1F8-1439AE16AB57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FCB20-E74F-4550-AC48-EE4E5875E118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D16DBA5E-582F-4648-932E-8A1EFB7FE3D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A25323F4-7C67-4097-AD53-A6B9E6D96BA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36919682-F59E-4EC0-886C-AE967F636753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B45AF234-3651-4367-BFEF-8766F66FB138\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E46A9126-A02E-44CD-885D-0956E0C87C2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91E9C756-7FE3-4197-8C18-99CD1F49B0D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88806B7D-5EFE-4F91-B115-732882D2C126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BB9E8AB-B3EC-4743-B39B-7325EEB17233\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5030FBB0-C95B-4ADE-BFC2-CCA37AAD019B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5513618A-6770-4292-95D1-68F55D8343CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7494C01F-E9EC-406E-879A-B2045865E282\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DD9F894-4576-4ED1-9F55-4C27ECE7E058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49AFACAC-BBAF-469B-BF05-0478E987120F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A136E86-0697-4915-BC49-F570C776EDE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECB241AF-A01D-4FD6-B98A-F4C20F844C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5B61901-F7DF-4805-8EB7-CA1701CA81CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB0CDEC9-224A-4668-B2E4-2145653E3F2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E92BE9CB-F001-47A0-94E0-48FC01A63FE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"324E2A20-2F66-4E03-9A7F-A09E631E9033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8987B53-BD80-40B9-8429-21AD97208040\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"490D1BDC-33B9-43BA-B6DA-42DEE577082A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B465BE7E-0B4D-4BC4-894B-3F51A201CE91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAA17087-3021-4961-B53C-CDCC872A31A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5CA3936-4602-40E6-B75C-58D3F24268E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87C110C-21DD-438A-90EF-BE516CF59F3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD2D9E0E-2EED-4FB5-859C-05226FC48D7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CA01E21-71CE-4B07-B5A6-D0D7AC493A5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51239254-31CE-4BF7-8669-1525BA391362\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E2BE20D-232D-4C86-81B0-C82CCC1CAA62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D652FD7C-1521-4391-AAE1-0A4D6F4CE8F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB861143-F809-45CF-95BE-E64F4BA1A0DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3480F4A-0AE0-4428-9EDA-5A6B994909A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"936BF59E-33A8-46BA-9FBD-8763812E2F10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33168C81-6DAE-40D6-9693-68390CD71DA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"424F9604-AA9A-4D45-A521-0BDEDB723659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6EBCEB-E52C-4FF5-B15A-6960F58090EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D204E994-4591-403C-8EF3-D3B7BF4AA1A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBF5418D-1162-4B1E-BC3D-06A3E084BEFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CA65F31-3D54-4F66-A0A3-2BD993FF38F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41ACC9FE-62FF-424B-B4B8-B033FEAF7686\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8BC39E9-5945-4DC8-ACA8-1C9918D9F279\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9658447-FBB0-4DEA-8FEE-BD4D3D1BF7FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ECABFCB-0D02-4B5B-BB35-C6B3C0896348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A5176F0-E62F-46FF-B536-DC0680696773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"506A3761-3D24-43DB-88D8-4EB5B9E8BA5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B6EF8B0-0E86-449C-A500-ACD902A78C7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D558CC2-0146-4887-834E-19FCB1D512A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6931764D-16AB-4546-9CE3-5B4E03BC984A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DEBBFCA-6A18-4F8F-B841-50255C952FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEEAE437-A645-468B-B283-44799658F534\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49A63F39-30BE-443F-AF10-6245587D3359\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38D3B7E-8429-473F-BB31-FC3583EE5A5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E1F9453-1FB6-4CA7-9285-A243E56667B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F79828BB-2412-46AD-BE3C-A51B48E191AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72D0F13F-D56F-4C1C-A3CF-2E4E704817CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90A4F2E2-1B43-470E-8935-CB32F12A0124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"797DF5C7-509E-48FD-BD04-C66E01748728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47BD868A-CE3B-4E39-A588-C4EDA3265A71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A2EE400-1C36-40F4-A9D1-9AB432F168BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06E3CB14-FB16-4F4E-9AD9-A02DC727FF6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08DCC42C-C881-4AEA-9348-E8317C54D62B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BC4EF5A-C8CB-4F33-B4D1-E4192B179D26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81CEF54A-9668-4031-926F-9B978DD5CDF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45068C90-8915-4D19-B36B-993980E28D08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24543011-2458-47B5-984A-901E70084902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB482A9C-D577-4AEE-A08F-CAFA6586B51E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65AF9B86-A555-4D5E-B24E-9EBF78BCD8CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60BBDF07-DB97-433E-B542-EFEBE45550DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA8BE3F8-82ED-4DD7-991E-979E950C98B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738AA231-4694-46E8-B559-1594263A9987\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9E1F171-B887-499A-BF4F-538EBF347811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07AA276A-0EBA-4DC9-951C-8F8159FAC7A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DEEF534-9AD2-4439-9D69-E91D062C4647\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63643BE1-C978-4CD2-8ED1-2B979DB0676E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FA04A0-9258-4654-ABCF-F41340B1FA35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE829230-AFDB-4131-9C6A-D9D7A66C5B57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7E8BA30-8087-48D4-AE1B-48326FF826B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47970EFF-2F51-4875-A6BD-E30614E13278\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C9B668-3204-41C5-A82E-262BDFA541DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C8EE1E-E186-42D6-8B12-05865C73F261\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA3D88B-41B9-4D79-B47D-B3D6058C0C27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C80901-D48E-4C2A-9BED-A40007A11C97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"331A51E4-AA73-486F-9618-5A83965F2436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB32DF2C-9208-4853-ADEB-B00D764D7467\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E05636DC-7E38-4605-AAB8-81C0AE37520A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"624DF2F1-53FD-48D3-B93D-44E99C9C0C5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2171C7C-311A-4405-B95F-3A54966FA844\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DE20A41-8B53-46FC-9002-69CC7495171F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87ED9DA0-E880-4CBB-B1AC-5AEE8A004718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5293C7F0-BF9F-4768-889A-876CE78903CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EB41B3-65F3-4B0E-8CCC-325B14AF605B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"857B244C-2AFB-40C7-A893-7C6DE9871BCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B732CE55-820A-40E0-A885-71BBB6CF8C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0455A5F2-1515-4CD8-BA2F-74D28E91A661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29034B3A-BE9D-4D68-8C56-4465C03C3693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6249538E-FBCB-4130-91FB-DA78D7BA45DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E11B8A5-50A2-468F-BFB3-86DD9D28AC73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EAE25A0-3828-46F1-AB30-88732CBC9F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1533A85C-2160-445D-8787-E624AEDC5A0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87B9393-7EA4-43DA-900C-7E840AE2D4C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D1249E9-304F-4952-8DAB-8B79CE5E7D54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83FAF953-6A65-4FAB-BDB5-03B468CD1C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29F8FF1F-A639-4161-9366-62528AAF4C07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"812AB429-379A-4EDE-9664-5BC2989053F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13DD791F-C4BD-4456-955A-92E84082AA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A17E442-45AA-4780-98B4-9BF764DCC1C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6AF544C-5F16-4434-B9FB-93B1B7318950\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFD9ED9-2412-44AE-9C55-0ED03A121B23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67CCE31B-ABDA-4F32-BAF1-B1AD0664B3E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E66A332-ECD1-4452-B444-FB629022FDF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDD3D599-35E9-4590-B5E0-3AF04D344695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3B6BFFB-7967-482C-9B49-4BD25C815299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1791BF6D-2C96-4A6E-90D4-2906A73601F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260DD751-4145-4B75-B892-5FC932C6A305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFF4AD0D-2EC5-4CE8-B6B3-2EC8ED2FF118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB1CB85-0A9B-4816-B471-278774EE6D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3831AB03-4E7E-476D-9623-58AADC188DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABACE305-2F0C-4B59-BC5C-6DF162B450E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAC1B55-F492-484E-B837-E7745682DE0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0D57914-B40A-462B-9C78-6433BE2B2DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A12DF7-62C5-46AD-9236-E2821C64156E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C43697D-390A-4AC0-A5D8-62B6D22245BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D52E9E9F-7A35-4CB9-813E-5A1D4A36415C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"257291FB-969C-4413-BA81-806B5E1B40A7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.5.3.1\",\"matchCriteriaId\":\"D06BF4CE-299F-42E4-BA0A-5D68788C92DF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.9.5\",\"matchCriteriaId\":\"9C3A0363-F05A-49C3-A9D2-E4F31B60CD4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8A2286E-9D1C-4B56-8B40-150201B818AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D35FAC77-A0DD-4AF9-AA9E-A4B170842D2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"831B1114-7CA7-43E3-9A15-592218060A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B0A12E-E122-4189-A05E-4FEA43C19876\"}]}]}],\"references\":[{\"url\":\"http://advisories.mageia.org/MGASA-2015-0179.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://curl.haxx.se/docs/adv_20150422A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1254.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3232\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:219\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:220\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/74299\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1032232\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2591-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201509-02\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"secalert@redhat.com\"}]}}"
}
}
rhsa-2015_1254
Vulnerability from csaf_redhat
Published
2015-07-20 13:50
Modified
2024-11-22 08:47
Summary
Red Hat Security Advisory: curl security, bug fix, and enhancement update
Notes
Topic
Updated curl packages that fix multiple security issues, several bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The curl packages provide the libcurl library and the curl utility for
downloading files from servers using various protocols, including HTTP,
FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial
literal IP addresses when parsing received HTTP cookies. An attacker able
to trick a user into connecting to a malicious server could use this flaw
to set the user's cookie to a crafted domain, making other cookie-related
issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication
of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS
option for a handle, using the handle's duplicate could cause the
application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs
with embedded end-of-line characters. An attacker able to make an
application using libcurl to access a specially crafted URL via an HTTP
proxy could use this flaw to inject additional headers to the request or
construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and
Negotatiate authentication incorrectly. If an application uses libcurl
and the affected mechanisms in a specifc way, certain requests to a
previously NTLM-authenticated server could appears as sent by the wrong
authenticated user. Additionally, the initial set of credentials for HTTP
Negotiate-authenticated requests could be reused in subsequent requests,
although a different set of credentials was specified. (CVE-2015-3143,
CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available
with libcurl. Attackers could abuse the fallback to force downgrade of the
SSL version. The fallback has been removed from libcurl. Users requiring
this functionality can explicitly enable SSLv3.0 through the libcurl API.
(BZ#1154059)
* A single upload transfer through the FILE protocol opened the destination
file twice. If the inotify kernel subsystem monitored the file, two events
were produced unnecessarily. The file is now opened only once per upload.
(BZ#883002)
* Utilities using libcurl for SCP/SFTP transfers could terminate
unexpectedly when the system was running in FIPS mode. (BZ#1008178)
* Using the "--retry" option with the curl utility could cause curl to
terminate unexpectedly with a segmentation fault. Now, adding "--retry" no
longer causes curl to crash. (BZ#1009455)
* The "curl --trace-time" command did not use the correct local time when
printing timestamps. Now, "curl --trace-time" works as expected.
(BZ#1120196)
* The valgrind utility could report dynamically allocated memory leaks on
curl exit. Now, curl performs a global shutdown of the NetScape Portable
Runtime (NSPR) library on exit, and valgrind no longer reports the memory
leaks. (BZ#1146528)
* Previously, libcurl returned an incorrect value of the
CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to
the HTTP response. Now, the returned value is valid. (BZ#1161163)
Enhancements:
* The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for
specifying the minor version of the TLS protocol to be negotiated by NSS.
The "--tlsv1" option now negotiates the highest version of the TLS protocol
supported by both the client and the server. (BZ#1012136)
* It is now possible to explicitly enable or disable the ECC and the new
AES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)
All curl users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add these
enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API.\n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload.\n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected.\n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS.\nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1254",
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "835898",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835898"
},
{
"category": "external",
"summary": "883002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883002"
},
{
"category": "external",
"summary": "997185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=997185"
},
{
"category": "external",
"summary": "1008178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1008178"
},
{
"category": "external",
"summary": "1011083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011083"
},
{
"category": "external",
"summary": "1011101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011101"
},
{
"category": "external",
"summary": "1058767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058767"
},
{
"category": "external",
"summary": "1104160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104160"
},
{
"category": "external",
"summary": "1136154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154"
},
{
"category": "external",
"summary": "1154059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154059"
},
{
"category": "external",
"summary": "1154747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154747"
},
{
"category": "external",
"summary": "1154941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941"
},
{
"category": "external",
"summary": "1156422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1156422"
},
{
"category": "external",
"summary": "1161163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161163"
},
{
"category": "external",
"summary": "1168137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168137"
},
{
"category": "external",
"summary": "1178692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692"
},
{
"category": "external",
"summary": "1213306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"category": "external",
"summary": "1213351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1254.json"
}
],
"title": "Red Hat Security Advisory: curl security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T08:47:34+00:00",
"generator": {
"date": "2024-11-22T08:47:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2015:1254",
"initial_release_date": "2015-07-20T13:50:03+00:00",
"revision_history": [
{
"date": "2015-07-20T13:50:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-07-20T13:50:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T08:47:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.i686",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686",
"product_id": "libcurl-devel-0:7.19.7-46.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.i686",
"product": {
"name": "libcurl-0:7.19.7-46.el6.i686",
"product_id": "libcurl-0:7.19.7-46.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.i686",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.i686",
"product": {
"name": "curl-0:7.19.7-46.el6.i686",
"product_id": "curl-0:7.19.7-46.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.x86_64",
"product": {
"name": "curl-0:7.19.7-46.el6.x86_64",
"product_id": "curl-0:7.19.7-46.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.x86_64",
"product": {
"name": "libcurl-0:7.19.7-46.el6.x86_64",
"product_id": "libcurl-0:7.19.7-46.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"product_id": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.src",
"product": {
"name": "curl-0:7.19.7-46.el6.src",
"product_id": "curl-0:7.19.7-46.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.s390",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.s390",
"product": {
"name": "libcurl-0:7.19.7-46.el6.s390",
"product_id": "libcurl-0:7.19.7-46.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.s390",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390",
"product_id": "libcurl-devel-0:7.19.7-46.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.s390x",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x",
"product_id": "libcurl-devel-0:7.19.7-46.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.s390x",
"product": {
"name": "curl-0:7.19.7-46.el6.s390x",
"product_id": "curl-0:7.19.7-46.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.s390x",
"product": {
"name": "libcurl-0:7.19.7-46.el6.s390x",
"product_id": "libcurl-0:7.19.7-46.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.ppc",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc",
"product_id": "libcurl-devel-0:7.19.7-46.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.ppc",
"product": {
"name": "libcurl-0:7.19.7-46.el6.ppc",
"product_id": "libcurl-0:7.19.7-46.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.ppc64",
"product": {
"name": "curl-0:7.19.7-46.el6.ppc64",
"product_id": "curl-0:7.19.7-46.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"product_id": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.ppc64",
"product": {
"name": "libcurl-0:7.19.7-46.el6.ppc64",
"product_id": "libcurl-0:7.19.7-46.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Workstation"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Tim Ruehsen"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3613",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2014-09-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1136154"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user\u0027s cookie to a crafted domain, making other cookie-related issues easier to exploit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: incorrect handling of IP addresses in cookie domain",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5 and is not planned to be corrected in future updates.\n\nInktank Ceph Enterprise 1.1 and 1.2 receives only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Inktank Ceph Enterprise Support Matrix:\nhttp://www.inktank.com/enterprise/support/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3613"
},
{
"category": "external",
"summary": "RHBZ#1136154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20140910A.html",
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
}
],
"release_date": "2014-09-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: incorrect handling of IP addresses in cookie domain"
},
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Symeon Paraschoudis"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3707",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1154941"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle\u0027s duplicate could cause the application to crash or disclose a portion of its memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: incorrect handle duplication after COPYPOSTFIELDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of curl as shipped with Red Hat Enterprise Linux 5.\n\nNote that there are no applications provided with Red Hat Enterprise Linux that use the vulnerable CURLOPT_COPYPOSTFIELDS option, except PHP which could only be affected if used in an extremely unlikely scenario or via the script\u0027s author.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3707"
},
{
"category": "external",
"summary": "RHBZ#1154941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20141105.html",
"url": "http://curl.haxx.se/docs/adv_20141105.html"
}
],
"release_date": "2014-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: incorrect handle duplication after COPYPOSTFIELDS"
},
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Andrey Labunets"
],
"organization": "Facebook",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-8150",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2015-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1178692"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: URL request injection vulnerability in parseurlandfillconn()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-8150"
},
{
"category": "external",
"summary": "RHBZ#1178692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150108B.html",
"url": "http://curl.haxx.se/docs/adv_20150108B.html"
}
],
"release_date": "2015-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: URL request injection vulnerability in parseurlandfillconn()"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg"
],
"organization": "curl upstream"
},
{
"names": [
"Paras Sethia"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3143",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2015-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1213306"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticated requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: re-using authenticated connection when unauthenticated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3143"
},
{
"category": "external",
"summary": "RHBZ#1213306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150422A.html",
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
}
],
"release_date": "2015-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: re-using authenticated connection when unauthenticated"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg"
],
"organization": "curl upstream"
},
{
"names": [
"Isaac Boukris"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3148",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2015-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1213351"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application using libcurl established a Negotiate authenticated HTTP connection to a server and sent subsequent requests with different credentials, the connection could be re-used with the initial set of credentials instead of using the new ones.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: Negotiate not treated as connection-oriented",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3148"
},
{
"category": "external",
"summary": "RHBZ#1213351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150422B.html",
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
}
],
"release_date": "2015-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: Negotiate not treated as connection-oriented"
}
]
}
rhsa-2015_2159
Vulnerability from csaf_redhat
Published
2015-11-19 03:26
Modified
2024-11-22 08:47
Summary
Red Hat Security Advisory: curl security, bug fix, and enhancement update
Notes
Topic
Updated curl packages that fix multiple security issues, several bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The curl packages provide the libcurl library and the curl utility for
downloading files from servers using various protocols, including HTTP,
FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial
literal IP addresses when parsing received HTTP cookies. An attacker able
to trick a user into connecting to a malicious server could use this flaw
to set the user's cookie to a crafted domain, making other cookie-related
issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication
of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS
option for a handle, using the handle's duplicate could cause the
application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs
with embedded end-of-line characters. An attacker able to make an
application using libcurl access a specially crafted URL via an HTTP proxy
could use this flaw to inject additional headers to the request or
construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and
Negotatiate authentication incorrectly. If an application uses libcurl
and the affected mechanisms in a specifc way, certain requests to a
previously NTLM-authenticated server could appears as sent by the wrong
authenticated user. Additionally, the initial set of credentials for HTTP
Negotiate-authenticated requests could be reused in subsequent requests,
although a different set of credentials was specified. (CVE-2015-3143,
CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
* An out-of-protocol fallback to SSL 3.0 was available with libcurl.
Attackers could abuse the fallback to force downgrade of the SSL version.
The fallback has been removed from libcurl. Users requiring this
functionality can explicitly enable SSL 3.0 through the libcurl API.
(BZ#1154060)
* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can
explicitly disable them through the libcurl API. (BZ#1170339)
* FTP operations such as downloading files took a significantly long time
to complete. Now, the FTP implementation in libcurl correctly sets blocking
direction and estimated timeout for connections, resulting in faster FTP
transfers. (BZ#1218272)
Enhancements:
* With the updated packages, it is possible to explicitly enable or disable
new Advanced Encryption Standard (AES) cipher suites to be used for the TLS
protocol. (BZ#1066065)
* The libcurl library did not implement a non-blocking SSL handshake, which
negatively affected performance of applications based on the libcurl multi
API. The non-blocking SSL handshake has been implemented in libcurl, and
the libcurl multi API now immediately returns the control back to the
application whenever it cannot read or write data from or to the underlying
network socket. (BZ#1091429)
* The libcurl library used an unnecessarily long blocking delay for actions
with no active file descriptors, even for short operations. Some actions,
such as resolving a host name using /etc/hosts, took a long time to
complete. The blocking code in libcurl has been modified so that the
initial delay is short and gradually increases until an event occurs.
(BZ#1130239)
All curl users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add these
enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl access a specially crafted URL via an HTTP proxy\ncould use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL 3.0 was available with libcurl.\nAttackers could abuse the fallback to force downgrade of the SSL version.\nThe fallback has been removed from libcurl. Users requiring this\nfunctionality can explicitly enable SSL 3.0 through the libcurl API.\n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can\nexplicitly disable them through the libcurl API. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1218272)\n\nEnhancements:\n\n* With the updated packages, it is possible to explicitly enable or disable\nnew Advanced Encryption Standard (AES) cipher suites to be used for the TLS\nprotocol. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs.\n(BZ#1130239)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:2159",
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1130239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1130239"
},
{
"category": "external",
"summary": "1136154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154"
},
{
"category": "external",
"summary": "1154060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154060"
},
{
"category": "external",
"summary": "1154941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941"
},
{
"category": "external",
"summary": "1161182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161182"
},
{
"category": "external",
"summary": "1166264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166264"
},
{
"category": "external",
"summary": "1170339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170339"
},
{
"category": "external",
"summary": "1178692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692"
},
{
"category": "external",
"summary": "1213306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"category": "external",
"summary": "1213351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351"
},
{
"category": "external",
"summary": "1218272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218272"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2159.json"
}
],
"title": "Red Hat Security Advisory: curl security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T08:47:38+00:00",
"generator": {
"date": "2024-11-22T08:47:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2015:2159",
"initial_release_date": "2015-11-19T03:26:18+00:00",
"revision_history": [
{
"date": "2015-11-19T03:26:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-11-19T03:26:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T08:47:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"product_id": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.x86_64",
"product": {
"name": "curl-0:7.29.0-25.el7.x86_64",
"product_id": "curl-0:7.29.0-25.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.x86_64",
"product": {
"name": "libcurl-0:7.29.0-25.el7.x86_64",
"product_id": "libcurl-0:7.29.0-25.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.i686",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686",
"product_id": "libcurl-devel-0:7.29.0-25.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.i686",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.i686",
"product": {
"name": "libcurl-0:7.29.0-25.el7.i686",
"product_id": "libcurl-0:7.29.0-25.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.src",
"product": {
"name": "curl-0:7.29.0-25.el7.src",
"product_id": "curl-0:7.29.0-25.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"product_id": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.ppc64",
"product": {
"name": "curl-0:7.29.0-25.el7.ppc64",
"product_id": "curl-0:7.29.0-25.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.ppc64",
"product": {
"name": "libcurl-0:7.29.0-25.el7.ppc64",
"product_id": "libcurl-0:7.29.0-25.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.ppc",
"product": {
"name": "libcurl-0:7.29.0-25.el7.ppc",
"product_id": "libcurl-0:7.29.0-25.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.ppc",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc",
"product_id": "libcurl-devel-0:7.29.0-25.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.s390x",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x",
"product_id": "libcurl-devel-0:7.29.0-25.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.s390x",
"product": {
"name": "libcurl-0:7.29.0-25.el7.s390x",
"product_id": "libcurl-0:7.29.0-25.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.s390x",
"product": {
"name": "curl-0:7.29.0-25.el7.s390x",
"product_id": "curl-0:7.29.0-25.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.s390",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390",
"product_id": "libcurl-devel-0:7.29.0-25.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=s390"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.s390",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.s390",
"product": {
"name": "libcurl-0:7.29.0-25.el7.s390",
"product_id": "libcurl-0:7.29.0-25.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"product_id": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.ppc64le",
"product": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le",
"product_id": "libcurl-0:7.29.0-25.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.ppc64le",
"product": {
"name": "curl-0:7.29.0-25.el7.ppc64le",
"product_id": "curl-0:7.29.0-25.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"product_id": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.aarch64",
"product": {
"name": "curl-0:7.29.0-25.el7.aarch64",
"product_id": "curl-0:7.29.0-25.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.aarch64",
"product": {
"name": "libcurl-0:7.29.0-25.el7.aarch64",
"product_id": "libcurl-0:7.29.0-25.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Workstation"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Tim Ruehsen"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3613",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2014-09-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1136154"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user\u0027s cookie to a crafted domain, making other cookie-related issues easier to exploit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: incorrect handling of IP addresses in cookie domain",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5 and is not planned to be corrected in future updates.\n\nInktank Ceph Enterprise 1.1 and 1.2 receives only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Inktank Ceph Enterprise Support Matrix:\nhttp://www.inktank.com/enterprise/support/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3613"
},
{
"category": "external",
"summary": "RHBZ#1136154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20140910A.html",
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
}
],
"release_date": "2014-09-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: incorrect handling of IP addresses in cookie domain"
},
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Symeon Paraschoudis"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3707",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1154941"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle\u0027s duplicate could cause the application to crash or disclose a portion of its memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: incorrect handle duplication after COPYPOSTFIELDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of curl as shipped with Red Hat Enterprise Linux 5.\n\nNote that there are no applications provided with Red Hat Enterprise Linux that use the vulnerable CURLOPT_COPYPOSTFIELDS option, except PHP which could only be affected if used in an extremely unlikely scenario or via the script\u0027s author.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3707"
},
{
"category": "external",
"summary": "RHBZ#1154941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20141105.html",
"url": "http://curl.haxx.se/docs/adv_20141105.html"
}
],
"release_date": "2014-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: incorrect handle duplication after COPYPOSTFIELDS"
},
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Andrey Labunets"
],
"organization": "Facebook",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-8150",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2015-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1178692"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: URL request injection vulnerability in parseurlandfillconn()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-8150"
},
{
"category": "external",
"summary": "RHBZ#1178692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150108B.html",
"url": "http://curl.haxx.se/docs/adv_20150108B.html"
}
],
"release_date": "2015-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: URL request injection vulnerability in parseurlandfillconn()"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg"
],
"organization": "curl upstream"
},
{
"names": [
"Paras Sethia"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3143",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2015-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1213306"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticated requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: re-using authenticated connection when unauthenticated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3143"
},
{
"category": "external",
"summary": "RHBZ#1213306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150422A.html",
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
}
],
"release_date": "2015-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: re-using authenticated connection when unauthenticated"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg"
],
"organization": "curl upstream"
},
{
"names": [
"Isaac Boukris"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3148",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2015-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1213351"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application using libcurl established a Negotiate authenticated HTTP connection to a server and sent subsequent requests with different credentials, the connection could be re-used with the initial set of credentials instead of using the new ones.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: Negotiate not treated as connection-oriented",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3148"
},
{
"category": "external",
"summary": "RHBZ#1213351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150422B.html",
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
}
],
"release_date": "2015-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: Negotiate not treated as connection-oriented"
}
]
}
ghsa-6mxf-77w3-cj5m
Vulnerability from github
Published
2022-05-14 03:59
Modified
2022-05-14 03:59
Details
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
{
"affected": [],
"aliases": [
"CVE-2015-3143"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-04-24T14:59:00Z",
"severity": "MODERATE"
},
"details": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.",
"id": "GHSA-6mxf-77w3-cj5m",
"modified": "2022-05-14T03:59:13Z",
"published": "2022-05-14T03:59:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143"
},
{
"type": "WEB",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT205031"
},
{
"type": "WEB",
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"type": "WEB",
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"type": "WEB",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/74299"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1032232"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2591-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
var-201504-0147
Vulnerability from variot
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL/libcURL is prone to a remote security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. cURL/libcURL 7.10.6 through versions 7.41.0 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. curl is a set of file transfer tools that use URL syntax to work on the command line. libcurl is a free, open source client-side URL transfer library. ============================================================================ Ubuntu Security Notice USN-2591-1 April 30, 2015
curl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in curl.
Software Description: - curl: HTTP, HTTPS, and FTP client and client libraries
Details:
Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. (CVE-2015-3143)
Hanno B=C3=B6ck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially crafted host name, an attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. If a user or automated system were tricked into parsing a specially crafted cookie, an attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3148)
Yehezkel Horowitz and Oren Souroujon discovered that curl sent HTTP headers both to servers and proxies by default, contrary to expectations. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3153)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libcurl3 7.38.0-3ubuntu2.2 libcurl3-gnutls 7.38.0-3ubuntu2.2 libcurl3-nss 7.38.0-3ubuntu2.2
Ubuntu 14.10: libcurl3 7.37.1-1ubuntu3.4 libcurl3-gnutls 7.37.1-1ubuntu3.4 libcurl3-nss 7.37.1-1ubuntu3.4
Ubuntu 14.04 LTS: libcurl3 7.35.0-1ubuntu2.5 libcurl3-gnutls 7.35.0-1ubuntu2.5 libcurl3-nss 7.35.0-1ubuntu2.5
Ubuntu 12.04 LTS: libcurl3 7.22.0-3ubuntu4.14 libcurl3-gnutls 7.22.0-3ubuntu4.14 libcurl3-nss 7.22.0-3ubuntu4.14
In general, a standard system update will make all the necessary changes. This is similar to the issue fixed in DSA-2849-1.
CVE-2015-3144
When parsing URLs with a zero-length hostname (such as "http://:80"),
libcurl would try to read from an invalid memory address. This could
allow remote attackers to cause a denial of service (crash). This
issue only affects the upcoming stable (jessie) and unstable (sid)
distributions.
CVE-2015-3145
When parsing HTTP cookies, if the parsed cookie's "path" element
consists of a single double-quote, libcurl would try to write to an
invalid heap memory address. This could allow remote attackers to
cause a denial of service (crash). This issue only affects the
upcoming stable (jessie) and unstable (sid) distributions.
CVE-2015-3148
When doing HTTP requests using the Negotiate authentication method
along with NTLM, the connection used would not be marked as
authenticated, making it possible to reuse it and send requests for
one user over the connection authenticated as a different user.
For the stable distribution (wheezy), these problems have been fixed in version 7.26.0-1+wheezy13.
For the upcoming stable distribution (jessie), these problems have been fixed in version 7.38.0-4+deb8u1.
For the unstable distribution (sid), these problems have been fixed in version 7.42.0-1.
We recommend that you upgrade your curl packages. 7) - x86_64
-
(BZ#1154060)
-
TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. (BZ#1170339)
-
FTP operations such as downloading files took a significantly long time to complete. Now, the FTP implementation in libcurl correctly sets blocking direction and estimated timeout for connections, resulting in faster FTP transfers. (BZ#1066065)
-
The libcurl library did not implement a non-blocking SSL handshake, which negatively affected performance of applications based on the libcurl multi API. The non-blocking SSL handshake has been implemented in libcurl, and the libcurl multi API now immediately returns the control back to the application whenever it cannot read or write data from or to the underlying network socket. (BZ#1091429)
-
The libcurl library used an unnecessarily long blocking delay for actions with no active file descriptors, even for short operations. Some actions, such as resolving a host name using /etc/hosts, took a long time to complete. The blocking code in libcurl has been modified so that the initial delay is short and gradually increases until an event occurs.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/curl-7.45.0-i486-1_slack14.1.txz: Upgraded. Fixes some security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/curl-7.45.0-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/curl-7.45.0-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/curl-7.45.0-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/curl-7.45.0-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/curl-7.45.0-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/curl-7.45.0-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.45.0-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.45.0-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.45.0-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.45.0-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.45.0-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.45.0-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: e9307566f43c3c12ac72f12cea688741 curl-7.45.0-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 5fe5a7733ce969f8f468c6b03cf6b1f7 curl-7.45.0-x86_64-1_slack13.0.txz
Slackware 13.1 package: 9d3d5ccbae7284c84c4667885bf9fd0d curl-7.45.0-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 7e7f04d3de8d34b8b082729ceaa53ba9 curl-7.45.0-x86_64-1_slack13.1.txz
Slackware 13.37 package: 00bd418a8607ea74d1986c08d5358052 curl-7.45.0-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 23e7da7ab6846fed5d18b5f5399ac400 curl-7.45.0-x86_64-1_slack13.37.txz
Slackware 14.0 package: 76f010b92c755f16f19840723d845e21 curl-7.45.0-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: daf0b67147a50e44d89f8852632fcdf7 curl-7.45.0-x86_64-1_slack14.0.txz
Slackware 14.1 package: 8c2a5796d4a4ce840a767423667eb97b curl-7.45.0-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 763157115101b63867217707ff4a9021 curl-7.45.0-x86_64-1_slack14.1.txz
Slackware -current package: 0c2d192aff4af6f74281a1d724d31ce3 n/curl-7.45.0-i586-1.txz
Slackware x86_64 -current package: 4791e2bb2afd43ec0642d94e22259e81 n/curl-7.45.0-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg curl-7.45.0-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: curl security, bug fix, and enhancement update Advisory ID: RHSA-2015:1254-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1254.html Issue date: 2015-07-22 Updated on: 2014-12-15 CVE Names: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 CVE-2015-3143 CVE-2015-3148 =====================================================================
- Summary:
Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
- Description:
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and Negotatiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specifc way, certain requests to a previously NTLM-authenticated server could appears as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate-authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
-
An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSLv3.0 through the libcurl API. (BZ#1154059)
-
A single upload transfer through the FILE protocol opened the destination file twice. If the inotify kernel subsystem monitored the file, two events were produced unnecessarily. The file is now opened only once per upload. (BZ#883002)
-
Utilities using libcurl for SCP/SFTP transfers could terminate unexpectedly when the system was running in FIPS mode. (BZ#1008178)
-
Using the "--retry" option with the curl utility could cause curl to terminate unexpectedly with a segmentation fault. Now, adding "--retry" no longer causes curl to crash. (BZ#1009455)
-
The "curl --trace-time" command did not use the correct local time when printing timestamps. Now, "curl --trace-time" works as expected. (BZ#1120196)
-
The valgrind utility could report dynamically allocated memory leaks on curl exit. Now, curl performs a global shutdown of the NetScape Portable Runtime (NSPR) library on exit, and valgrind no longer reports the memory leaks. (BZ#1146528)
-
Previously, libcurl returned an incorrect value of the CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to the HTTP response. Now, the returned value is valid. (BZ#1161163)
Enhancements:
-
The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for specifying the minor version of the TLS protocol to be negotiated by NSS. The "--tlsv1" option now negotiates the highest version of the TLS protocol supported by both the client and the server. (BZ#1012136)
-
It is now possible to explicitly enable or disable the ECC and the new AES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)
All curl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
835898 - Bug in DNS cache causes connections until restart of libcurl-using processes 883002 - curl used with file:// protocol opens and closes a destination file twice 997185 - sendrecv.c example incorrect type for sockfd 1008178 - curl scp download fails in fips mode 1011083 - CA certificate cannot be specified by nickname [documentation bug] 1011101 - manpage typos found using aspell 1058767 - curl does not support ECDSA certificates 1104160 - Link in curl man page is wrong 1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain 1154059 - curl: Disable out-of-protocol fallback to SSL 3.0 1154747 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth 1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS 1156422 - curl does not allow explicit control of DHE ciphers 1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE 1168137 - curl closes connection after HEAD request fails 1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn() 1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated 1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
x86_64: curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
ppc64: curl-7.19.7-46.el6.ppc64.rpm curl-debuginfo-7.19.7-46.el6.ppc.rpm curl-debuginfo-7.19.7-46.el6.ppc64.rpm libcurl-7.19.7-46.el6.ppc.rpm libcurl-7.19.7-46.el6.ppc64.rpm libcurl-devel-7.19.7-46.el6.ppc.rpm libcurl-devel-7.19.7-46.el6.ppc64.rpm
s390x: curl-7.19.7-46.el6.s390x.rpm curl-debuginfo-7.19.7-46.el6.s390.rpm curl-debuginfo-7.19.7-46.el6.s390x.rpm libcurl-7.19.7-46.el6.s390.rpm libcurl-7.19.7-46.el6.s390x.rpm libcurl-devel-7.19.7-46.el6.s390.rpm libcurl-devel-7.19.7-46.el6.s390x.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3613 https://access.redhat.com/security/cve/CVE-2014-3707 https://access.redhat.com/security/cve/CVE-2014-8150 https://access.redhat.com/security/cve/CVE-2015-3143 https://access.redhat.com/security/cve/CVE-2015-3148 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVrzSJXlSAg2UNWIIRAnEiAJ9xqOogsAzooomZ4VeMgA+gUwEuTwCfTzMn emWApg/iYw5vIs3rWoqmU7A= =p+Xb -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148 http://advisories.mageia.org/MGASA-2015-0179.html
Updated Packages:
Mandriva Business Server 1/X86_64: fd3f4894f5c5215c29b84d70f2c6ada2 mbs1/x86_64/curl-7.24.0-3.9.mbs1.x86_64.rpm a00d0747b4d6ae22475948119a42efc4 mbs1/x86_64/curl-examples-7.24.0-3.9.mbs1.x86_64.rpm d5291ae320dd5766e4b981ff66b36e19 mbs1/x86_64/lib64curl4-7.24.0-3.9.mbs1.x86_64.rpm 62d5295190433ca4ff7d2cda746d6b16 mbs1/x86_64/lib64curl-devel-7.24.0-3.9.mbs1.x86_64.rpm 5bcf6538291f947870a9ccfe62c9ea6d mbs1/SRPMS/curl-7.24.0-3.9.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201504-0147",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.34.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.27.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.31.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.29.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.28.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.28.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.35.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.32.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.30.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.33.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.14.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.2"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.14.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.30.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.24.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.4"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.5"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.33.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.6"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.23.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.4"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.5"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.2"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.5"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.2"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.22.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.32.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.20.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.3"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.2"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.37.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.17.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.20.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.2"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.40.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.7"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.3"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.2"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.35.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.3"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.36.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.7"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.6"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.8"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.23.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.2"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.26.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.6"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.17.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.14.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.41.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.3"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.6"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.3"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.3"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.34.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.25.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.5"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.2"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.22.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.2"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.2"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.2"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.38.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.4"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.7"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.20.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.31.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.40.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.3"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.29.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.2"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.2"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.14.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.24.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.5"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.39"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.8"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.4"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.23.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.17.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.26.0"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.23.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.4"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.41.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.3"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.5"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.3"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.3"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.28.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.39.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.25.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.10"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.20.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.17.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.37.1"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.4"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.2"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.4"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.7"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.27.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.36.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.7"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.37.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.2"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.6"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.38.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.4"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.7"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.6"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.28.1"
},
{
"model": "system management homepage",
"scope": "lte",
"trust": 1.0,
"vendor": "hp",
"version": "7.5.3.1"
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": "eq",
"trust": 0.8,
"vendor": "debian",
"version": "7.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 0.8,
"vendor": "haxx",
"version": "7.10.6 to 7.41.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 0.8,
"vendor": "haxx",
"version": "7.10.6 to 7.41.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"model": "comware",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "hpe intelligent management center plat",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "system management homepage",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.20"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19.6"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19.5"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19.4"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19.3"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.18.1"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.18"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.17"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.16.4"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15.5"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15.3"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15.2"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15.1"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.14.1"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.14"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.13.2"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.13.1"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.13"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.12.3"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.12.2"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.12.1"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.12"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.11.2"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.11.1"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.11"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.10.8"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.10.7"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.10.6"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.24.0"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.23.1"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.21.7"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.21.6"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.20.2"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.20.1"
},
{
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.16.3"
}
],
"sources": [
{
"db": "BID",
"id": "74299"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.9.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Paras Sethia",
"sources": [
{
"db": "BID",
"id": "74299"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3143",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-3143",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-81104",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-3143",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201504-500",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81104",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-3143",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL/libcURL is prone to a remote security-bypass vulnerability. \nAn attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. \ncURL/libcURL 7.10.6 through versions 7.41.0 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. curl is a set of file transfer tools that use URL syntax to work on the command line. libcurl is a free, open source client-side URL transfer library. ============================================================================\nUbuntu Security Notice USN-2591-1\nApril 30, 2015\n\ncurl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in curl. \n\nSoftware Description:\n- curl: HTTP, HTTPS, and FTP client and client libraries\n\nDetails:\n\nParas Sethia discovered that curl could incorrectly re-use NTLM HTTP\ncredentials when subsequently connecting to the same host over HTTP. \n(CVE-2015-3143)\n\nHanno B=C3=B6ck discovered that curl incorrectly handled zero-length host names. \nIf a user or automated system were tricked into using a specially crafted\nhost name, an attacker could possibly use this issue to cause curl to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. \nIf a user or automated system were tricked into parsing a specially crafted\ncookie, an attacker could possibly use this issue to cause curl to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3148)\n\nYehezkel Horowitz and Oren Souroujon discovered that curl sent HTTP headers\nboth to servers and proxies by default, contrary to expectations. This\nissue only affected Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3153)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n libcurl3 7.38.0-3ubuntu2.2\n libcurl3-gnutls 7.38.0-3ubuntu2.2\n libcurl3-nss 7.38.0-3ubuntu2.2\n\nUbuntu 14.10:\n libcurl3 7.37.1-1ubuntu3.4\n libcurl3-gnutls 7.37.1-1ubuntu3.4\n libcurl3-nss 7.37.1-1ubuntu3.4\n\nUbuntu 14.04 LTS:\n libcurl3 7.35.0-1ubuntu2.5\n libcurl3-gnutls 7.35.0-1ubuntu2.5\n libcurl3-nss 7.35.0-1ubuntu2.5\n\nUbuntu 12.04 LTS:\n libcurl3 7.22.0-3ubuntu4.14\n libcurl3-gnutls 7.22.0-3ubuntu4.14\n libcurl3-nss 7.22.0-3ubuntu4.14\n\nIn general, a standard system update will make all the necessary changes. This is\n similar to the issue fixed in DSA-2849-1. \n\nCVE-2015-3144\n\n When parsing URLs with a zero-length hostname (such as \"http://:80\"),\n libcurl would try to read from an invalid memory address. This could\n allow remote attackers to cause a denial of service (crash). This\n issue only affects the upcoming stable (jessie) and unstable (sid)\n distributions. \n\nCVE-2015-3145\n\n When parsing HTTP cookies, if the parsed cookie\u0027s \"path\" element\n consists of a single double-quote, libcurl would try to write to an\n invalid heap memory address. This could allow remote attackers to\n cause a denial of service (crash). This issue only affects the\n upcoming stable (jessie) and unstable (sid) distributions. \n\nCVE-2015-3148\n\n When doing HTTP requests using the Negotiate authentication method\n along with NTLM, the connection used would not be marked as\n authenticated, making it possible to reuse it and send requests for\n one user over the connection authenticated as a different user. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 7.26.0-1+wheezy13. \n\nFor the upcoming stable distribution (jessie), these problems have been\nfixed in version 7.38.0-4+deb8u1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.42.0-1. \n\nWe recommend that you upgrade your curl packages. 7) - x86_64\n\n3. \n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/curl-7.45.0-i486-1_slack14.1.txz: Upgraded. \n Fixes some security issues. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/curl-7.45.0-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/curl-7.45.0-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/curl-7.45.0-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/curl-7.45.0-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/curl-7.45.0-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/curl-7.45.0-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.45.0-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.45.0-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.45.0-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.45.0-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.45.0-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.45.0-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\ne9307566f43c3c12ac72f12cea688741 curl-7.45.0-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n5fe5a7733ce969f8f468c6b03cf6b1f7 curl-7.45.0-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n9d3d5ccbae7284c84c4667885bf9fd0d curl-7.45.0-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n7e7f04d3de8d34b8b082729ceaa53ba9 curl-7.45.0-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n00bd418a8607ea74d1986c08d5358052 curl-7.45.0-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n23e7da7ab6846fed5d18b5f5399ac400 curl-7.45.0-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n76f010b92c755f16f19840723d845e21 curl-7.45.0-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ndaf0b67147a50e44d89f8852632fcdf7 curl-7.45.0-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n8c2a5796d4a4ce840a767423667eb97b curl-7.45.0-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n763157115101b63867217707ff4a9021 curl-7.45.0-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n0c2d192aff4af6f74281a1d724d31ce3 n/curl-7.45.0-i586-1.txz\n\nSlackware x86_64 -current package:\n4791e2bb2afd43ec0642d94e22259e81 n/curl-7.45.0-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg curl-7.45.0-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: curl security, bug fix, and enhancement update\nAdvisory ID: RHSA-2015:1254-02\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1254.html\nIssue date: 2015-07-22\nUpdated on: 2014-12-15\nCVE Names: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 \n CVE-2015-3143 CVE-2015-3148 \n=====================================================================\n\n1. Summary:\n\nUpdated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP. \n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues. \n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API. \n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload. \n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected. \n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS. \nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n835898 - Bug in DNS cache causes connections until restart of libcurl-using processes\n883002 - curl used with file:// protocol opens and closes a destination file twice\n997185 - sendrecv.c example incorrect type for sockfd\n1008178 - curl scp download fails in fips mode\n1011083 - CA certificate cannot be specified by nickname [documentation bug]\n1011101 - manpage typos found using aspell\n1058767 - curl does not support ECDSA certificates\n1104160 - Link in curl man page is wrong\n1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain\n1154059 - curl: Disable out-of-protocol fallback to SSL 3.0\n1154747 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth\n1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS\n1156422 - curl does not allow explicit control of DHE ciphers\n1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE\n1168137 - curl closes connection after HEAD request fails\n1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn()\n1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated\n1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nppc64:\ncurl-7.19.7-46.el6.ppc64.rpm\ncurl-debuginfo-7.19.7-46.el6.ppc.rpm\ncurl-debuginfo-7.19.7-46.el6.ppc64.rpm\nlibcurl-7.19.7-46.el6.ppc.rpm\nlibcurl-7.19.7-46.el6.ppc64.rpm\nlibcurl-devel-7.19.7-46.el6.ppc.rpm\nlibcurl-devel-7.19.7-46.el6.ppc64.rpm\n\ns390x:\ncurl-7.19.7-46.el6.s390x.rpm\ncurl-debuginfo-7.19.7-46.el6.s390.rpm\ncurl-debuginfo-7.19.7-46.el6.s390x.rpm\nlibcurl-7.19.7-46.el6.s390.rpm\nlibcurl-7.19.7-46.el6.s390x.rpm\nlibcurl-devel-7.19.7-46.el6.s390.rpm\nlibcurl-devel-7.19.7-46.el6.s390x.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3613\nhttps://access.redhat.com/security/cve/CVE-2014-3707\nhttps://access.redhat.com/security/cve/CVE-2014-8150\nhttps://access.redhat.com/security/cve/CVE-2015-3143\nhttps://access.redhat.com/security/cve/CVE-2015-3148\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVrzSJXlSAg2UNWIIRAnEiAJ9xqOogsAzooomZ4VeMgA+gUwEuTwCfTzMn\nemWApg/iYw5vIs3rWoqmU7A=\n=p+Xb\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148\n http://advisories.mageia.org/MGASA-2015-0179.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n fd3f4894f5c5215c29b84d70f2c6ada2 mbs1/x86_64/curl-7.24.0-3.9.mbs1.x86_64.rpm\n a00d0747b4d6ae22475948119a42efc4 mbs1/x86_64/curl-examples-7.24.0-3.9.mbs1.x86_64.rpm\n d5291ae320dd5766e4b981ff66b36e19 mbs1/x86_64/lib64curl4-7.24.0-3.9.mbs1.x86_64.rpm\n 62d5295190433ca4ff7d2cda746d6b16 mbs1/x86_64/lib64curl-devel-7.24.0-3.9.mbs1.x86_64.rpm \n 5bcf6538291f947870a9ccfe62c9ea6d mbs1/SRPMS/curl-7.24.0-3.9.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3143"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "BID",
"id": "74299"
},
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "PACKETSTORM",
"id": "131699"
},
{
"db": "PACKETSTORM",
"id": "131588"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "134138"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "131726"
}
],
"trust": 2.61
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-81104",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3143",
"trust": 3.5
},
{
"db": "JUNIPER",
"id": "JSA10743",
"trust": 1.5
},
{
"db": "BID",
"id": "74299",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1032232",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "64164",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "64284",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "131699",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131726",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "134138",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131588",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "133700",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131727",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-81104",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3143",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134443",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132792",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "BID",
"id": "74299"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "PACKETSTORM",
"id": "131699"
},
{
"db": "PACKETSTORM",
"id": "131588"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "134138"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "131726"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"id": "VAR-201504-0147",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:04:58.843000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht205031"
},
{
"title": "DSA-3232",
"trust": 0.8,
"url": "https://www.debian.org/security/2015/dsa-3232"
},
{
"title": "HPSBHF03544",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"title": "HPSBMU03546",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"title": "Re-using authenticated connection when unauthenticated",
"trust": 0.8,
"url": "http://curl.haxx.se/docs/adv_20150422a.html"
},
{
"title": "USN-2591-1",
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/usn-2591-1"
},
{
"title": "Red Hat: Moderate: curl security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152159 - security advisory"
},
{
"title": "Red Hat: CVE-2015-3143",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-3143"
},
{
"title": "Ubuntu Security Notice: curl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2591-1"
},
{
"title": "Debian Security Advisories: DSA-3232-1 curl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6e7bbc3a8db398caa606cf6110790ac9"
},
{
"title": "Amazon Linux AMI: ALAS-2015-514",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2015-514"
},
{
"title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://advisories.mageia.org/mgasa-2015-0179.html"
},
{
"trust": 2.1,
"url": "http://curl.haxx.se/docs/adv_20150422a.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/74299"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1254.html"
},
{
"trust": 1.3,
"url": "http://www.ubuntu.com/usn/usn-2591-1"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.2,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.2,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.2,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-april/155957.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-april/156250.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/157017.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/157188.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/156945.html"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:219"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:220"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032232"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10743"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3143"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3143"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3148"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3143"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/64164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/64284"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3143"
},
{
"trust": 0.3,
"url": "http://curl.haxx.se/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10743\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023307"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957883"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099196"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903004"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966972"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967789"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3144"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3145"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3613"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-3707"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8150"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-3613"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3707"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3148"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-8150"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3148"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10743"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=145612005512270\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2159"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2591-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38682"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.38.0-3ubuntu2.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.35.0-1ubuntu2.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.22.0-3ubuntu4.14"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.37.1-1ubuntu3.4"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3153"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://:80\"),"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2015-2159.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3236"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3145"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3236"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3144"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3237"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "BID",
"id": "74299"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "PACKETSTORM",
"id": "131699"
},
{
"db": "PACKETSTORM",
"id": "131588"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "134138"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "131726"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "BID",
"id": "74299"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "PACKETSTORM",
"id": "131699"
},
{
"db": "PACKETSTORM",
"id": "131588"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "134138"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "131726"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-24T00:00:00",
"db": "VULHUB",
"id": "VHN-81104"
},
{
"date": "2015-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"date": "2015-04-22T00:00:00",
"db": "BID",
"id": "74299"
},
{
"date": "2015-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"date": "2015-04-30T15:48:24",
"db": "PACKETSTORM",
"id": "131699"
},
{
"date": "2015-04-22T20:15:37",
"db": "PACKETSTORM",
"id": "131588"
},
{
"date": "2015-11-20T00:41:15",
"db": "PACKETSTORM",
"id": "134443"
},
{
"date": "2015-10-30T23:23:03",
"db": "PACKETSTORM",
"id": "134138"
},
{
"date": "2015-07-22T17:57:59",
"db": "PACKETSTORM",
"id": "132792"
},
{
"date": "2015-05-04T17:18:17",
"db": "PACKETSTORM",
"id": "131726"
},
{
"date": "2015-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"date": "2015-04-24T14:59:08.187000",
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81104"
},
{
"date": "2018-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"date": "2016-07-06T14:27:00",
"db": "BID",
"id": "74299"
},
{
"date": "2016-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"date": "2015-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"date": "2018-01-05T02:30:04.773000",
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cURL and libcurl Vulnerabilities connected as other users",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
}
],
"trust": 0.6
}
}
gsd-2015-3143
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-3143",
"description": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.",
"id": "GSD-2015-3143",
"references": [
"https://www.suse.com/security/cve/CVE-2015-3143.html",
"https://www.debian.org/security/2015/dsa-3232",
"https://access.redhat.com/errata/RHSA-2015:2159",
"https://access.redhat.com/errata/RHSA-2015:1254",
"https://ubuntu.com/security/CVE-2015-3143",
"https://advisories.mageia.org/CVE-2015-3143.html",
"https://alas.aws.amazon.com/cve/html/CVE-2015-3143.html",
"https://linux.oracle.com/cve/CVE-2015-3143.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-3143"
],
"details": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.",
"id": "GSD-2015-3143",
"modified": "2023-12-13T01:20:07.748924Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF03544",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "FEDORA-2015-6853",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "http://curl.haxx.se/docs/adv_20150422A.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"name": "DSA-3232",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "74299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74299"
},
{
"name": "RHSA-2015:1254",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2015:0799",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0179.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.9.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3143"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3232",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "http://curl.haxx.se/docs/adv_20150422A.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"name": "USN-2591-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "FEDORA-2015-6853",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "FEDORA-2015-6864",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
},
{
"name": "MDVSA-2015:220",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"name": "1032232",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "MDVSA-2015:219",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "FEDORA-2015-6728",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "openSUSE-SU-2015:0799",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"name": "FEDORA-2015-6695",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0179.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"tags": [],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "HPSBHF03544",
"refsource": "HP",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"tags": [],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "GLSA-201509-02",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "74299",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/74299"
},
{
"name": "FEDORA-2015-6712",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "RHSA-2015:1254",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-01-05T02:30Z",
"publishedDate": "2015-04-24T14:59Z"
}
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.