github - ghsa-rhch-32f3-p669

ghsa-rhch-32f3-p669

Vulnerability from github

Published

2022-05-14 03:59

Modified

2022-05-14 03:59

Details

CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-8150"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-01-15T15:59:00Z",
    "severity": "MODERATE"
  },
  "details": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.",
  "id": "GHSA-rhch-32f3-p669",
  "modified": "2022-05-14T03:59:44Z",
  "published": "2022-05-14T03:59:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150"
    },
    {
      "type": "WEB",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201701-47"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT205031"
    },
    {
      "type": "WEB",
      "url": "http://advisories.mageia.org/MGASA-2015-0020.html"
    },
    {
      "type": "WEB",
      "url": "http://curl.haxx.se/docs/adv_20150108B.html"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/61925"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62075"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62361"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2015/dsa-3122"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:021"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/71964"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032768"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2474-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2014-8150

Vulnerability from cvelistv5

Published

2015-01-15 15:00

Modified

2024-08-06 13:10

Severity

Summary

References

URL	Tags
http://secunia.com/advisories/62361	third-party-advisory, x_refsource_SECUNIA
https://kc.mcafee.com/corporate/index?page=content&id=SB10131	x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html	vendor-advisory, x_refsource_FEDORA
http://advisories.mageia.org/MGASA-2015-0020.html	x_refsource_CONFIRM
http://www.securityfocus.com/bid/71964	vdb-entry, x_refsource_BID
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	x_refsource_CONFIRM
http://www.securitytracker.com/id/1032768	vdb-entry, x_refsource_SECTRACK
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html	vendor-advisory, x_refsource_FEDORA
http://curl.haxx.se/docs/adv_20150108B.html	x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	vendor-advisory, x_refsource_APPLE
http://rhn.redhat.com/errata/RHSA-2015-1254.html	vendor-advisory, x_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html	x_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html	vendor-advisory, x_refsource_SUSE
https://support.apple.com/kb/HT205031	x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html	vendor-advisory, x_refsource_FEDORA
http://www.ubuntu.com/usn/USN-2474-1	vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201701-47	vendor-advisory, x_refsource_GENTOO
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html	vendor-advisory, x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDVSA-2015:021	vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/62075	third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2015/dsa-3122	vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/61925	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website