Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Haxx cURL和libcurl 安全漏洞
Vulnerability Description
Haxx Haxx curl和libcurl都是瑞典Haxx公司的产品。curl是一套利用URL语法在命令行下工作的文件传输工具。libcurl是一个免费、开源的客户端URL传输库。 Haxx cURL和libcurl 7.36.0之前的7.10.6版本的默认配置中存在安全漏洞,该漏洞源于程序再次使用多个连接(包括:SCP、SFTP、POP3、POP3S、IMAP、IMAPS、SMTP、SMTPS、LDAP、LDAPS)。攻击者可通过发送请求利用该漏洞连接其他用户。
CVSS Information
N/A
Vulnerability Type
N/A