Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-1000101 (GCVE-0-2017-1000101)
Vulnerability from cvelistv5 – Published: 2017-10-04 01:00 – Updated: 2026-04-16 13:45
VLAI?
EPSS
Summary
curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.
Severity ?
6.5 (Medium)
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT208221 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:3558 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201709-14 | vendor-advisoryx_refsource_GENTOO |
| https://curl.haxx.se/docs/adv_20170809A.html | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1039117 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/100249 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2017/dsa-3992 | vendor-advisoryx_refsource_DEBIAN |
Date Public ?
2017-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:53:06.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2018:3558",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name": "GLSA-201709-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-14"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://curl.haxx.se/docs/adv_20170809A.html"
},
{
"name": "1039117",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039117"
},
{
"name": "100249",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100249"
},
{
"name": "DSA-3992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3992"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-1000101",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-16T13:45:32.714678Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T13:45:37.458Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-08-22T00:00:00.000Z",
"datePublic": "2017-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-13T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2018:3558",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name": "GLSA-201709-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-14"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://curl.haxx.se/docs/adv_20170809A.html"
},
{
"name": "1039117",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039117"
},
{
"name": "100249",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100249"
},
{
"name": "DSA-3992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3992"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.316423",
"ID": "CVE-2017-1000101",
"REQUESTER": "daniel@haxx.se",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2018:3558",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name": "GLSA-201709-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-14"
},
{
"name": "https://curl.haxx.se/docs/adv_20170809A.html",
"refsource": "CONFIRM",
"url": "https://curl.haxx.se/docs/adv_20170809A.html"
},
{
"name": "1039117",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039117"
},
{
"name": "100249",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100249"
},
{
"name": "DSA-3992",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3992"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000101",
"datePublished": "2017-10-04T01:00:00.000Z",
"dateReserved": "2017-10-03T00:00:00.000Z",
"dateUpdated": "2026-04-16T13:45:37.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-1000101",
"date": "2026-05-19",
"epss": "0.00601",
"percentile": "0.6969"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC7E5201-24A0-4CEF-84D2-76DB195D3A8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D558CC2-0146-4887-834E-19FCB1D512A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6931764D-16AB-4546-9CE3-5B4E03BC984A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DEBBFCA-6A18-4F8F-B841-50255C952FA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEEAE437-A645-468B-B283-44799658F534\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03F7EE95-4EBE-4306-ADFE-A1A92CAD5F24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79F7AE71-7A18-4737-9C02-0A3343B3AD4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC589DE6-773A-43E8-9393-3083DB545671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24D735EA-04E3-47E7-A859-3CC1ED887E10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"063C1A70-0869-4933-88D7-ECE7ACCF0F99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70B0A020-3DA1-4753-B810-C60E7CA06839\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63A18050-0DA7-400A-B564-AC9A020D57CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D168A62-A5B0-4BA8-8243-1AAF3B395567\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11D8B02D-5A97-4F9A-8EE8-D60D621E0B0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7DC2429-0B58-4D68-9337-0077C4493714\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4D5B7BD-2B9D-40AB-B13A-393FF0007A8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2AFED4D-0672-467F-999C-9D6C3722B8C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BDCCD2D-3D98-4FC3-BAB5-3D09A0CAD12C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DA228CD-70CF-41FC-98F6-38194466CC32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFDE2415-78F8-4A36-AA9B-6EA8DCE399AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCA05266-35B6-422D-AE73-4C934B4F5091\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2AB70F1-D6A9-4ADF-A506-4C9DEE8AE754\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C2FDF0C-6493-4BE1-851E-0D8CE94E36B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EA9D7F9-A972-41A8-9561-DB72E37184F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"641ACFC8-BDE2-42AC-8B3D-EF78695AD750\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8629C630-14E0-4C94-BBD1-B5203488A6FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31C6D873-9770-4FD0-AC75-4D6C06FC4A8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CADB89B4-7218-4E2B-BB94-8CCEB79FB3F0\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"curl supports \\\"globbing\\\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.\"}, {\"lang\": \"es\", \"value\": \"curl es compatible con el \\\"globbing\\\" de URL, donde un usuario puede pasar un rango num\\u00e9rico para hacer que la herramienta itere sobre esos n\\u00fameros para realizar una secuencia de transferencias. En la funci\\u00f3n de \\\"globbing\\\" que analiza sint\\u00e1cticamente el rango num\\u00e9rico, hay una omisi\\u00f3n que hace que curl lea un byte m\\u00e1s all\\u00e1 del fin de la URL si se proporciona una URL manipulada o simplemente mal escrita. La URL se almacena en un b\\u00fafer basado en memoria din\\u00e1mica (heap) para que se pueda hacer luego de tal manera que lea err\\u00f3neamente otra cosa en vez de cerrarse inesperadamente. A continuaci\\u00f3n se muestra un ejemplo de una URL que desencadena este fallo: \\\"http://ur%20[0-60000000000000000000\\\".\"}]",
"id": "CVE-2017-1000101",
"lastModified": "2024-11-21T03:04:09.803",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2017-10-05T01:29:04.103",
"references": "[{\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/HT208221\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/HT208221\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-1000101\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-05T01:29:04.103\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"curl supports \\\"globbing\\\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.\"},{\"lang\":\"es\",\"value\":\"curl es compatible con el \\\"globbing\\\" de URL, donde un usuario puede pasar un rango num\u00e9rico para hacer que la herramienta itere sobre esos n\u00fameros para realizar una secuencia de transferencias. En la funci\u00f3n de \\\"globbing\\\" que analiza sint\u00e1cticamente el rango num\u00e9rico, hay una omisi\u00f3n que hace que curl lea un byte m\u00e1s all\u00e1 del fin de la URL si se proporciona una URL manipulada o simplemente mal escrita. La URL se almacena en un b\u00fafer basado en memoria din\u00e1mica (heap) para que se pueda hacer luego de tal manera que lea err\u00f3neamente otra cosa en vez de cerrarse inesperadamente. A continuaci\u00f3n se muestra un ejemplo de una URL que desencadena este fallo: \\\"http://ur%20[0-60000000000000000000\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC7E5201-24A0-4CEF-84D2-76DB195D3A8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D558CC2-0146-4887-834E-19FCB1D512A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6931764D-16AB-4546-9CE3-5B4E03BC984A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DEBBFCA-6A18-4F8F-B841-50255C952FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEEAE437-A645-468B-B283-44799658F534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03F7EE95-4EBE-4306-ADFE-A1A92CAD5F24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79F7AE71-7A18-4737-9C02-0A3343B3AD4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC589DE6-773A-43E8-9393-3083DB545671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24D735EA-04E3-47E7-A859-3CC1ED887E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"063C1A70-0869-4933-88D7-ECE7ACCF0F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B0A020-3DA1-4753-B810-C60E7CA06839\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63A18050-0DA7-400A-B564-AC9A020D57CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D168A62-A5B0-4BA8-8243-1AAF3B395567\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11D8B02D-5A97-4F9A-8EE8-D60D621E0B0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7DC2429-0B58-4D68-9337-0077C4493714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4D5B7BD-2B9D-40AB-B13A-393FF0007A8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2AFED4D-0672-467F-999C-9D6C3722B8C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BDCCD2D-3D98-4FC3-BAB5-3D09A0CAD12C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DA228CD-70CF-41FC-98F6-38194466CC32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFDE2415-78F8-4A36-AA9B-6EA8DCE399AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCA05266-35B6-422D-AE73-4C934B4F5091\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2AB70F1-D6A9-4ADF-A506-4C9DEE8AE754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2FDF0C-6493-4BE1-851E-0D8CE94E36B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EA9D7F9-A972-41A8-9561-DB72E37184F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641ACFC8-BDE2-42AC-8B3D-EF78695AD750\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8629C630-14E0-4C94-BBD1-B5203488A6FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31C6D873-9770-4FD0-AC75-4D6C06FC4A8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CADB89B4-7218-4E2B-BB94-8CCEB79FB3F0\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3992\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/100249\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039117\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3558\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://curl.haxx.se/docs/adv_20170809A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201709-14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2017/dsa-3992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/100249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039117\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://curl.haxx.se/docs/adv_20170809A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201709-14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.apple.com/HT208221\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"name\": \"1039117\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"name\": \"100249\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T21:53:06.565Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-1000101\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-16T13:45:32.714678Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-16T13:45:11.717Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2017-10-03T00:00:00.000Z\", \"references\": [{\"url\": \"https://support.apple.com/HT208221\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"name\": \"1039117\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"name\": \"100249\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}], \"dateAssigned\": \"2017-08-22T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"curl supports \\\"globbing\\\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2018-11-13T10:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://support.apple.com/HT208221\", \"name\": \"https://support.apple.com/HT208221\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"refsource\": \"GENTOO\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"name\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"name\": \"1039117\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"name\": \"100249\", \"refsource\": \"BID\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"refsource\": \"DEBIAN\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"curl supports \\\"globbing\\\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-1000101\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\", \"REQUESTER\": \"daniel@haxx.se\", \"DATE_ASSIGNED\": \"2017-08-22T17:29:33.316423\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-1000101\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-16T13:45:37.458Z\", \"dateReserved\": \"2017-10-03T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2017-10-04T01:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2017-AVI-385
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iOS versions antérieures à 11.1 | ||
| Apple | N/A | watchOS versions antérieures à 4.1 | ||
| Apple | macOS | macOS Sierra versions sans le correctif de sécurité 2017-001 | ||
| Apple | N/A | tvOS versions antérieures à 11.1 | ||
| Apple | macOS | macOS El Capitan sans le correctif de sécurité 2017-004 | ||
| Apple | N/A | iTunes versions antérieures à 12.7.1 sur Windows | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 7.1 | ||
| Apple | Safari | Safari versions antérieures à 11.0.1 | ||
| Apple | macOS | macOS High Sierra versions antérieures à 10.13.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions sans le correctif de s\u00e9curit\u00e9 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2017-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iTunes versions ant\u00e9rieures \u00e0 12.7.1 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 11.0.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13802",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13802"
},
{
"name": "CVE-2017-13818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13818"
},
{
"name": "CVE-2017-13052",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13052"
},
{
"name": "CVE-2017-12993",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12993"
},
{
"name": "CVE-2017-13018",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13018"
},
{
"name": "CVE-2017-13043",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13043"
},
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-9789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9789"
},
{
"name": "CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"name": "CVE-2016-4736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4736"
},
{
"name": "CVE-2017-13050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13050"
},
{
"name": "CVE-2017-13816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13816"
},
{
"name": "CVE-2017-13798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13798"
},
{
"name": "CVE-2017-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11108"
},
{
"name": "CVE-2017-13017",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13017"
},
{
"name": "CVE-2017-13831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13831"
},
{
"name": "CVE-2017-11543",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11543"
},
{
"name": "CVE-2017-13790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13790"
},
{
"name": "CVE-2017-13000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13000"
},
{
"name": "CVE-2017-13807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13807"
},
{
"name": "CVE-2017-13843",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13843"
},
{
"name": "CVE-2017-13055",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13055"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-13041",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13041"
},
{
"name": "CVE-2017-12902",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12902"
},
{
"name": "CVE-2017-13834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13834"
},
{
"name": "CVE-2017-13007",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13007"
},
{
"name": "CVE-2017-13687",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13687"
},
{
"name": "CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"name": "CVE-2017-12986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12986"
},
{
"name": "CVE-2017-13821",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13821"
},
{
"name": "CVE-2017-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13033"
},
{
"name": "CVE-2017-13817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13817"
},
{
"name": "CVE-2017-13799",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13799"
},
{
"name": "CVE-2017-12901",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12901"
},
{
"name": "CVE-2017-13832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13832"
},
{
"name": "CVE-2017-13011",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13011"
},
{
"name": "CVE-2017-13046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13046"
},
{
"name": "CVE-2017-13840",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13840"
},
{
"name": "CVE-2017-12897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12897"
},
{
"name": "CVE-2017-13809",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13809"
},
{
"name": "CVE-2017-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13822"
},
{
"name": "CVE-2017-7113",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7113"
},
{
"name": "CVE-2017-13800",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13800"
},
{
"name": "CVE-2017-13786",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13786"
},
{
"name": "CVE-2017-13003",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13003"
},
{
"name": "CVE-2017-13815",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13815"
},
{
"name": "CVE-2017-13013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13013"
},
{
"name": "CVE-2017-13001",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13001"
},
{
"name": "CVE-2017-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13009"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2016-8740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
},
{
"name": "CVE-2017-13048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13048"
},
{
"name": "CVE-2017-13054",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13054"
},
{
"name": "CVE-2017-13038",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13038"
},
{
"name": "CVE-2017-13841",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13841"
},
{
"name": "CVE-2017-13010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13010"
},
{
"name": "CVE-2017-12990",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12990"
},
{
"name": "CVE-2017-13783",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13783"
},
{
"name": "CVE-2017-13047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13047"
},
{
"name": "CVE-2017-12991",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12991"
},
{
"name": "CVE-2017-13805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13805"
},
{
"name": "CVE-2017-13811",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13811"
},
{
"name": "CVE-2017-13849",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13849"
},
{
"name": "CVE-2017-13032",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13032"
},
{
"name": "CVE-2017-13801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13801"
},
{
"name": "CVE-2017-13051",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13051"
},
{
"name": "CVE-2017-13036",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13036"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2017-13844",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13844"
},
{
"name": "CVE-2016-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
},
{
"name": "CVE-2017-13795",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13795"
},
{
"name": "CVE-2017-13690",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13690"
},
{
"name": "CVE-2017-13838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13838"
},
{
"name": "CVE-2017-11542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11542"
},
{
"name": "CVE-2017-13842",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13842"
},
{
"name": "CVE-2017-12997",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12997"
},
{
"name": "CVE-2017-13045",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13045"
},
{
"name": "CVE-2017-13026",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13026"
},
{
"name": "CVE-2017-13785",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13785"
},
{
"name": "CVE-2016-5387",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
},
{
"name": "CVE-2017-13796",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13796"
},
{
"name": "CVE-2017-13782",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13782"
},
{
"name": "CVE-2017-13784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13784"
},
{
"name": "CVE-2017-13042",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13042"
},
{
"name": "CVE-2017-12992",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12992"
},
{
"name": "CVE-2017-13027",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13027"
},
{
"name": "CVE-2017-13034",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13034"
},
{
"name": "CVE-2017-13794",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13794"
},
{
"name": "CVE-2017-13015",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13015"
},
{
"name": "CVE-2017-13725",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13725"
},
{
"name": "CVE-2017-13819",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13819"
},
{
"name": "CVE-2017-13044",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13044"
},
{
"name": "CVE-2017-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12900"
},
{
"name": "CVE-2017-12994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12994"
},
{
"name": "CVE-2017-12998",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12998"
},
{
"name": "CVE-2017-13029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13029"
},
{
"name": "CVE-2017-13037",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13037"
},
{
"name": "CVE-2017-13788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13788"
},
{
"name": "CVE-2017-7132",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7132"
},
{
"name": "CVE-2017-13810",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13810"
},
{
"name": "CVE-2017-13039",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13039"
},
{
"name": "CVE-2017-13791",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13791"
},
{
"name": "CVE-2017-13023",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13023"
},
{
"name": "CVE-2017-13020",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13020"
},
{
"name": "CVE-2017-13021",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13021"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-12896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12896"
},
{
"name": "CVE-2017-13824",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13824"
},
{
"name": "CVE-2017-13049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13049"
},
{
"name": "CVE-2017-12999",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12999"
},
{
"name": "CVE-2017-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13836"
},
{
"name": "CVE-2017-13823",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13823"
},
{
"name": "CVE-2017-13846",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13846"
},
{
"name": "CVE-2017-12988",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12988"
},
{
"name": "CVE-2017-13789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13789"
},
{
"name": "CVE-2017-12985",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12985"
},
{
"name": "CVE-2017-12899",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12899"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2017-13014",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13014"
},
{
"name": "CVE-2017-12894",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12894"
},
{
"name": "CVE-2017-13804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13804"
},
{
"name": "CVE-2017-13024",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13024"
},
{
"name": "CVE-2017-13004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13004"
},
{
"name": "CVE-2017-12996",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12996"
},
{
"name": "CVE-2017-13830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13830"
},
{
"name": "CVE-2017-12893",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12893"
},
{
"name": "CVE-2017-13019",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13019"
},
{
"name": "CVE-2017-13030",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13030"
},
{
"name": "CVE-2017-13808",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13808"
},
{
"name": "CVE-2017-13813",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13813"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13053"
},
{
"name": "CVE-2017-13040",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13040"
},
{
"name": "CVE-2017-13689",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13689"
},
{
"name": "CVE-2017-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
},
{
"name": "CVE-2017-13005",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13005"
},
{
"name": "CVE-2017-13793",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13793"
},
{
"name": "CVE-2017-13814",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13814"
},
{
"name": "CVE-2017-12987",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12987"
},
{
"name": "CVE-2017-13826",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13826"
},
{
"name": "CVE-2017-11541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11541"
},
{
"name": "CVE-2017-13025",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13025"
},
{
"name": "CVE-2017-13828",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13828"
},
{
"name": "CVE-2017-13688",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13688"
},
{
"name": "CVE-2017-13820",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13820"
},
{
"name": "CVE-2017-12995",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12995"
},
{
"name": "CVE-2017-13792",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13792"
},
{
"name": "CVE-2017-13031",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13031"
},
{
"name": "CVE-2017-13028",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13028"
},
{
"name": "CVE-2017-13825",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13825"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2017-13803",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13803"
},
{
"name": "CVE-2017-13006",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13006"
},
{
"name": "CVE-2017-12895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12895"
},
{
"name": "CVE-2017-13812",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13812"
},
{
"name": "CVE-2017-13022",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13022"
},
{
"name": "CVE-2017-13012",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13012"
},
{
"name": "CVE-2017-13002",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13002"
},
{
"name": "CVE-2017-13035",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13035"
},
{
"name": "CVE-2017-12989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12989"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
},
{
"name": "CVE-2017-13016",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13016"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
},
{
"name": "CVE-2017-12898",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12898"
},
{
"name": "CVE-2017-13008",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13008"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-385",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple\n. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208225 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208225"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208222 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208219 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208219"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208223 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208223"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208220 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208220"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208221 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208224 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208224"
}
]
}
CERTFR-2018-AVI-339
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Contrail Service Orchestration (CSO) versions antérieures à 4.0.0 et 3.3.0 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 18.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 4.0.0 et 3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 18.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-7407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7407"
},
{
"name": "CVE-2018-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0027"
},
{
"name": "CVE-2016-8615",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8615"
},
{
"name": "CVE-2015-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3153"
},
{
"name": "CVE-2018-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0024"
},
{
"name": "CVE-2017-1000257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000257"
},
{
"name": "CVE-2016-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
},
{
"name": "CVE-2013-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1944"
},
{
"name": "CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"name": "CVE-2017-8818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8818"
},
{
"name": "CVE-2018-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0031"
},
{
"name": "CVE-2018-0035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0035"
},
{
"name": "CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"name": "CVE-2016-9952",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9952"
},
{
"name": "CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"name": "CVE-2013-4545",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4545"
},
{
"name": "CVE-2015-7236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7236"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2016-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4802"
},
{
"name": "CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"name": "CVE-2016-9953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9953"
},
{
"name": "CVE-2016-8624",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8624"
},
{
"name": "CVE-2018-0039",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0039"
},
{
"name": "CVE-2016-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8616"
},
{
"name": "CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"name": "CVE-2016-8620",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8620"
},
{
"name": "CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"name": "CVE-2018-1000121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000121"
},
{
"name": "CVE-2013-6422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6422"
},
{
"name": "CVE-2018-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0042"
},
{
"name": "CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"name": "CVE-2018-1000005",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000005"
},
{
"name": "CVE-2016-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8617"
},
{
"name": "CVE-2016-0754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0754"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2018-1000120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120"
},
{
"name": "CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"name": "CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"name": "CVE-2016-8618",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
},
{
"name": "CVE-2018-0037",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0037"
},
{
"name": "CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"name": "CVE-2018-0040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0040"
},
{
"name": "CVE-2016-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5419"
},
{
"name": "CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"name": "CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"name": "CVE-2017-10198",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10198"
},
{
"name": "CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"name": "CVE-2016-8623",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8623"
},
{
"name": "CVE-2017-5754",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5754"
},
{
"name": "CVE-2016-3739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3739"
},
{
"name": "CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"name": "CVE-2017-15896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15896"
},
{
"name": "CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"name": "CVE-2017-8816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8816"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2016-7167",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7167"
},
{
"name": "CVE-2017-9502",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9502"
},
{
"name": "CVE-2018-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0030"
},
{
"name": "CVE-2018-0034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0034"
},
{
"name": "CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"name": "CVE-2000-0973",
"url": "https://www.cve.org/CVERecord?id=CVE-2000-0973"
},
{
"name": "CVE-2014-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0139"
},
{
"name": "CVE-2016-5420",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5420"
},
{
"name": "CVE-2016-7141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7141"
},
{
"name": "CVE-2014-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0138"
},
{
"name": "CVE-2016-8621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8621"
},
{
"name": "CVE-2018-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0029"
},
{
"name": "CVE-2018-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0025"
},
{
"name": "CVE-2017-1000254",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000254"
},
{
"name": "CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"name": "CVE-2017-8817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
},
{
"name": "CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"name": "CVE-2018-0038",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0038"
},
{
"name": "CVE-2016-9586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9586"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"name": "CVE-2018-0041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0041"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"name": "CVE-2016-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
},
{
"name": "CVE-2013-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2174"
},
{
"name": "CVE-2018-1000007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000007"
},
{
"name": "CVE-2018-0032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0032"
},
{
"name": "CVE-2016-5421",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5421"
},
{
"name": "CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"name": "CVE-2014-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0015"
},
{
"name": "CVE-2017-1000099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000099"
},
{
"name": "CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"name": "CVE-2018-1000122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2016-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
},
{
"name": "CVE-2018-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0026"
},
{
"name": "CVE-2016-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0755"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-339",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10869 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10869\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10866 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10866\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10874 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10874\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10863 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10863\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10871 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10871\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10857 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10857\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10868 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10868\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10859 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10859\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10872 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10872\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10858 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10858\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10861 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10861\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10860 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10860\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10864 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10864\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10873 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10873\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10865 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10865\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2017-AVI-385
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iOS versions antérieures à 11.1 | ||
| Apple | N/A | watchOS versions antérieures à 4.1 | ||
| Apple | macOS | macOS Sierra versions sans le correctif de sécurité 2017-001 | ||
| Apple | N/A | tvOS versions antérieures à 11.1 | ||
| Apple | macOS | macOS El Capitan sans le correctif de sécurité 2017-004 | ||
| Apple | N/A | iTunes versions antérieures à 12.7.1 sur Windows | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 7.1 | ||
| Apple | Safari | Safari versions antérieures à 11.0.1 | ||
| Apple | macOS | macOS High Sierra versions antérieures à 10.13.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions sans le correctif de s\u00e9curit\u00e9 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2017-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iTunes versions ant\u00e9rieures \u00e0 12.7.1 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 11.0.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13802",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13802"
},
{
"name": "CVE-2017-13818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13818"
},
{
"name": "CVE-2017-13052",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13052"
},
{
"name": "CVE-2017-12993",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12993"
},
{
"name": "CVE-2017-13018",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13018"
},
{
"name": "CVE-2017-13043",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13043"
},
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-9789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9789"
},
{
"name": "CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"name": "CVE-2016-4736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4736"
},
{
"name": "CVE-2017-13050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13050"
},
{
"name": "CVE-2017-13816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13816"
},
{
"name": "CVE-2017-13798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13798"
},
{
"name": "CVE-2017-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11108"
},
{
"name": "CVE-2017-13017",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13017"
},
{
"name": "CVE-2017-13831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13831"
},
{
"name": "CVE-2017-11543",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11543"
},
{
"name": "CVE-2017-13790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13790"
},
{
"name": "CVE-2017-13000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13000"
},
{
"name": "CVE-2017-13807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13807"
},
{
"name": "CVE-2017-13843",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13843"
},
{
"name": "CVE-2017-13055",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13055"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-13041",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13041"
},
{
"name": "CVE-2017-12902",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12902"
},
{
"name": "CVE-2017-13834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13834"
},
{
"name": "CVE-2017-13007",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13007"
},
{
"name": "CVE-2017-13687",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13687"
},
{
"name": "CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"name": "CVE-2017-12986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12986"
},
{
"name": "CVE-2017-13821",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13821"
},
{
"name": "CVE-2017-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13033"
},
{
"name": "CVE-2017-13817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13817"
},
{
"name": "CVE-2017-13799",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13799"
},
{
"name": "CVE-2017-12901",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12901"
},
{
"name": "CVE-2017-13832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13832"
},
{
"name": "CVE-2017-13011",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13011"
},
{
"name": "CVE-2017-13046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13046"
},
{
"name": "CVE-2017-13840",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13840"
},
{
"name": "CVE-2017-12897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12897"
},
{
"name": "CVE-2017-13809",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13809"
},
{
"name": "CVE-2017-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13822"
},
{
"name": "CVE-2017-7113",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7113"
},
{
"name": "CVE-2017-13800",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13800"
},
{
"name": "CVE-2017-13786",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13786"
},
{
"name": "CVE-2017-13003",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13003"
},
{
"name": "CVE-2017-13815",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13815"
},
{
"name": "CVE-2017-13013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13013"
},
{
"name": "CVE-2017-13001",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13001"
},
{
"name": "CVE-2017-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13009"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2016-8740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
},
{
"name": "CVE-2017-13048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13048"
},
{
"name": "CVE-2017-13054",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13054"
},
{
"name": "CVE-2017-13038",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13038"
},
{
"name": "CVE-2017-13841",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13841"
},
{
"name": "CVE-2017-13010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13010"
},
{
"name": "CVE-2017-12990",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12990"
},
{
"name": "CVE-2017-13783",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13783"
},
{
"name": "CVE-2017-13047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13047"
},
{
"name": "CVE-2017-12991",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12991"
},
{
"name": "CVE-2017-13805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13805"
},
{
"name": "CVE-2017-13811",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13811"
},
{
"name": "CVE-2017-13849",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13849"
},
{
"name": "CVE-2017-13032",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13032"
},
{
"name": "CVE-2017-13801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13801"
},
{
"name": "CVE-2017-13051",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13051"
},
{
"name": "CVE-2017-13036",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13036"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2017-13844",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13844"
},
{
"name": "CVE-2016-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
},
{
"name": "CVE-2017-13795",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13795"
},
{
"name": "CVE-2017-13690",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13690"
},
{
"name": "CVE-2017-13838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13838"
},
{
"name": "CVE-2017-11542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11542"
},
{
"name": "CVE-2017-13842",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13842"
},
{
"name": "CVE-2017-12997",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12997"
},
{
"name": "CVE-2017-13045",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13045"
},
{
"name": "CVE-2017-13026",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13026"
},
{
"name": "CVE-2017-13785",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13785"
},
{
"name": "CVE-2016-5387",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
},
{
"name": "CVE-2017-13796",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13796"
},
{
"name": "CVE-2017-13782",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13782"
},
{
"name": "CVE-2017-13784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13784"
},
{
"name": "CVE-2017-13042",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13042"
},
{
"name": "CVE-2017-12992",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12992"
},
{
"name": "CVE-2017-13027",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13027"
},
{
"name": "CVE-2017-13034",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13034"
},
{
"name": "CVE-2017-13794",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13794"
},
{
"name": "CVE-2017-13015",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13015"
},
{
"name": "CVE-2017-13725",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13725"
},
{
"name": "CVE-2017-13819",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13819"
},
{
"name": "CVE-2017-13044",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13044"
},
{
"name": "CVE-2017-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12900"
},
{
"name": "CVE-2017-12994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12994"
},
{
"name": "CVE-2017-12998",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12998"
},
{
"name": "CVE-2017-13029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13029"
},
{
"name": "CVE-2017-13037",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13037"
},
{
"name": "CVE-2017-13788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13788"
},
{
"name": "CVE-2017-7132",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7132"
},
{
"name": "CVE-2017-13810",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13810"
},
{
"name": "CVE-2017-13039",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13039"
},
{
"name": "CVE-2017-13791",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13791"
},
{
"name": "CVE-2017-13023",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13023"
},
{
"name": "CVE-2017-13020",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13020"
},
{
"name": "CVE-2017-13021",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13021"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-12896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12896"
},
{
"name": "CVE-2017-13824",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13824"
},
{
"name": "CVE-2017-13049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13049"
},
{
"name": "CVE-2017-12999",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12999"
},
{
"name": "CVE-2017-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13836"
},
{
"name": "CVE-2017-13823",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13823"
},
{
"name": "CVE-2017-13846",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13846"
},
{
"name": "CVE-2017-12988",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12988"
},
{
"name": "CVE-2017-13789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13789"
},
{
"name": "CVE-2017-12985",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12985"
},
{
"name": "CVE-2017-12899",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12899"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2017-13014",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13014"
},
{
"name": "CVE-2017-12894",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12894"
},
{
"name": "CVE-2017-13804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13804"
},
{
"name": "CVE-2017-13024",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13024"
},
{
"name": "CVE-2017-13004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13004"
},
{
"name": "CVE-2017-12996",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12996"
},
{
"name": "CVE-2017-13830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13830"
},
{
"name": "CVE-2017-12893",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12893"
},
{
"name": "CVE-2017-13019",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13019"
},
{
"name": "CVE-2017-13030",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13030"
},
{
"name": "CVE-2017-13808",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13808"
},
{
"name": "CVE-2017-13813",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13813"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13053"
},
{
"name": "CVE-2017-13040",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13040"
},
{
"name": "CVE-2017-13689",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13689"
},
{
"name": "CVE-2017-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
},
{
"name": "CVE-2017-13005",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13005"
},
{
"name": "CVE-2017-13793",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13793"
},
{
"name": "CVE-2017-13814",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13814"
},
{
"name": "CVE-2017-12987",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12987"
},
{
"name": "CVE-2017-13826",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13826"
},
{
"name": "CVE-2017-11541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11541"
},
{
"name": "CVE-2017-13025",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13025"
},
{
"name": "CVE-2017-13828",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13828"
},
{
"name": "CVE-2017-13688",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13688"
},
{
"name": "CVE-2017-13820",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13820"
},
{
"name": "CVE-2017-12995",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12995"
},
{
"name": "CVE-2017-13792",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13792"
},
{
"name": "CVE-2017-13031",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13031"
},
{
"name": "CVE-2017-13028",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13028"
},
{
"name": "CVE-2017-13825",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13825"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2017-13803",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13803"
},
{
"name": "CVE-2017-13006",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13006"
},
{
"name": "CVE-2017-12895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12895"
},
{
"name": "CVE-2017-13812",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13812"
},
{
"name": "CVE-2017-13022",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13022"
},
{
"name": "CVE-2017-13012",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13012"
},
{
"name": "CVE-2017-13002",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13002"
},
{
"name": "CVE-2017-13035",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13035"
},
{
"name": "CVE-2017-12989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12989"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
},
{
"name": "CVE-2017-13016",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13016"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
},
{
"name": "CVE-2017-12898",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12898"
},
{
"name": "CVE-2017-13008",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13008"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-385",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple\n. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208225 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208225"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208222 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208219 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208219"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208223 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208223"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208220 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208220"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208221 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208224 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208224"
}
]
}
CERTFR-2018-AVI-339
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Contrail Service Orchestration (CSO) versions antérieures à 4.0.0 et 3.3.0 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 18.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 4.0.0 et 3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 18.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-7407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7407"
},
{
"name": "CVE-2018-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0027"
},
{
"name": "CVE-2016-8615",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8615"
},
{
"name": "CVE-2015-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3153"
},
{
"name": "CVE-2018-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0024"
},
{
"name": "CVE-2017-1000257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000257"
},
{
"name": "CVE-2016-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
},
{
"name": "CVE-2013-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1944"
},
{
"name": "CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"name": "CVE-2017-8818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8818"
},
{
"name": "CVE-2018-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0031"
},
{
"name": "CVE-2018-0035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0035"
},
{
"name": "CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"name": "CVE-2016-9952",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9952"
},
{
"name": "CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"name": "CVE-2013-4545",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4545"
},
{
"name": "CVE-2015-7236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7236"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2016-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4802"
},
{
"name": "CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"name": "CVE-2016-9953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9953"
},
{
"name": "CVE-2016-8624",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8624"
},
{
"name": "CVE-2018-0039",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0039"
},
{
"name": "CVE-2016-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8616"
},
{
"name": "CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"name": "CVE-2016-8620",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8620"
},
{
"name": "CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"name": "CVE-2018-1000121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000121"
},
{
"name": "CVE-2013-6422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6422"
},
{
"name": "CVE-2018-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0042"
},
{
"name": "CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"name": "CVE-2018-1000005",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000005"
},
{
"name": "CVE-2016-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8617"
},
{
"name": "CVE-2016-0754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0754"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2018-1000120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120"
},
{
"name": "CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"name": "CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"name": "CVE-2016-8618",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
},
{
"name": "CVE-2018-0037",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0037"
},
{
"name": "CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"name": "CVE-2018-0040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0040"
},
{
"name": "CVE-2016-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5419"
},
{
"name": "CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"name": "CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"name": "CVE-2017-10198",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10198"
},
{
"name": "CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"name": "CVE-2016-8623",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8623"
},
{
"name": "CVE-2017-5754",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5754"
},
{
"name": "CVE-2016-3739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3739"
},
{
"name": "CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"name": "CVE-2017-15896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15896"
},
{
"name": "CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"name": "CVE-2017-8816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8816"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2016-7167",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7167"
},
{
"name": "CVE-2017-9502",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9502"
},
{
"name": "CVE-2018-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0030"
},
{
"name": "CVE-2018-0034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0034"
},
{
"name": "CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"name": "CVE-2000-0973",
"url": "https://www.cve.org/CVERecord?id=CVE-2000-0973"
},
{
"name": "CVE-2014-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0139"
},
{
"name": "CVE-2016-5420",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5420"
},
{
"name": "CVE-2016-7141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7141"
},
{
"name": "CVE-2014-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0138"
},
{
"name": "CVE-2016-8621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8621"
},
{
"name": "CVE-2018-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0029"
},
{
"name": "CVE-2018-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0025"
},
{
"name": "CVE-2017-1000254",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000254"
},
{
"name": "CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"name": "CVE-2017-8817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
},
{
"name": "CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"name": "CVE-2018-0038",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0038"
},
{
"name": "CVE-2016-9586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9586"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"name": "CVE-2018-0041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0041"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"name": "CVE-2016-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
},
{
"name": "CVE-2013-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2174"
},
{
"name": "CVE-2018-1000007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000007"
},
{
"name": "CVE-2018-0032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0032"
},
{
"name": "CVE-2016-5421",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5421"
},
{
"name": "CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"name": "CVE-2014-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0015"
},
{
"name": "CVE-2017-1000099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000099"
},
{
"name": "CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"name": "CVE-2018-1000122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2016-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
},
{
"name": "CVE-2018-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0026"
},
{
"name": "CVE-2016-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0755"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-339",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10869 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10869\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10866 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10866\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10874 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10874\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10863 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10863\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10871 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10871\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10857 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10857\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10868 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10868\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10859 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10859\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10872 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10872\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10858 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10858\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10861 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10861\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10860 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10860\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10864 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10864\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10873 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10873\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10865 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10865\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
cleanstart-2026-ay18527
Vulnerability from cleanstart
Published
2026-04-01 09:55
Modified
2026-03-16 17:21
Summary
Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.17.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0
Details
Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "curl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AY18527",
"modified": "2026-03-16T17:21:19Z",
"published": "2026-04-01T09:55:26.067667Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AY18527.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.17.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0",
"upstream": [
"CVE-2014-0138",
"CVE-2014-0139",
"CVE-2016-5419",
"CVE-2016-5420",
"CVE-2016-5421",
"CVE-2016-7141",
"CVE-2016-7167",
"CVE-2016-8615",
"CVE-2016-8616",
"CVE-2016-8617",
"CVE-2016-8618",
"CVE-2016-8619",
"CVE-2016-8620",
"CVE-2016-8621",
"CVE-2016-8622",
"CVE-2016-8623",
"CVE-2016-8624",
"CVE-2016-8625",
"CVE-2016-9594",
"CVE-2017-1000099",
"CVE-2017-1000100",
"CVE-2017-1000101",
"CVE-2017-1000257",
"CVE-2017-2629",
"CVE-2017-7407",
"CVE-2017-7468",
"CVE-2017-8816",
"CVE-2017-8817",
"CVE-2017-8818",
"CVE-2018-0500",
"CVE-2018-1000120",
"CVE-2018-1000121",
"CVE-2018-1000122",
"CVE-2018-1000300",
"CVE-2018-1000301",
"CVE-2018-14618",
"CVE-2018-16839",
"CVE-2018-16840",
"CVE-2018-16842",
"CVE-2018-16890",
"CVE-2019-3822",
"CVE-2019-3823",
"CVE-2019-5435",
"CVE-2019-5436",
"CVE-2019-5481",
"CVE-2019-5482",
"CVE-2020-8169",
"CVE-2020-8177",
"CVE-2020-8231",
"CVE-2020-8284",
"CVE-2020-8285",
"CVE-2020-8286",
"CVE-2021-22876",
"CVE-2021-22890",
"CVE-2021-22897",
"CVE-2021-22898",
"CVE-2021-22901",
"CVE-2021-22922",
"CVE-2021-22923",
"CVE-2021-22924",
"CVE-2021-22925",
"CVE-2021-22945",
"CVE-2021-22946",
"CVE-2021-22947",
"CVE-2022-22576",
"CVE-2022-27774",
"CVE-2022-27775",
"CVE-2022-27776",
"CVE-2022-27778",
"CVE-2022-27779",
"CVE-2022-27780",
"CVE-2022-27781",
"CVE-2022-27782",
"CVE-2022-30115",
"CVE-2022-32205",
"CVE-2022-32206",
"CVE-2022-32207",
"CVE-2022-32208",
"CVE-2022-32221",
"CVE-2022-35252",
"CVE-2022-35260",
"CVE-2022-42915",
"CVE-2022-42916",
"CVE-2022-43551",
"CVE-2022-43552",
"CVE-2023-23914",
"CVE-2023-23915",
"CVE-2023-23916",
"CVE-2023-27533",
"CVE-2023-27534",
"CVE-2023-27535",
"CVE-2023-27536",
"CVE-2023-27537",
"CVE-2023-27538",
"CVE-2023-28319",
"CVE-2023-28320",
"CVE-2023-28321",
"CVE-2023-28322",
"CVE-2023-38039",
"CVE-2023-38545",
"CVE-2023-38546",
"CVE-2023-46218",
"CVE-2023-46219",
"CVE-2024-0853",
"CVE-2024-11053",
"CVE-2024-2004",
"CVE-2024-2379",
"CVE-2024-2398",
"CVE-2024-2466",
"CVE-2024-6197",
"CVE-2024-6874",
"CVE-2024-7264",
"CVE-2024-8096",
"CVE-2024-9681",
"CVE-2025-0167",
"CVE-2025-0665",
"CVE-2025-0725",
"CVE-2025-10148",
"CVE-2025-4947",
"CVE-2025-5025",
"CVE-2025-5399",
"CVE-2025-9086",
"CVE-2026-24515",
"CVE-2026-25210"
]
}
cleanstart-2026-bw46578
Vulnerability from cleanstart
Published
2026-04-01 09:55
Modified
2026-03-16 17:22
Summary
Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.16.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0
Details
Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "curl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BW46578",
"modified": "2026-03-16T17:22:25Z",
"published": "2026-04-01T09:55:26.061155Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BW46578.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.16.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0",
"upstream": [
"CVE-2014-0138",
"CVE-2014-0139",
"CVE-2016-5419",
"CVE-2016-5420",
"CVE-2016-5421",
"CVE-2016-7141",
"CVE-2016-7167",
"CVE-2016-8615",
"CVE-2016-8616",
"CVE-2016-8617",
"CVE-2016-8618",
"CVE-2016-8619",
"CVE-2016-8620",
"CVE-2016-8621",
"CVE-2016-8622",
"CVE-2016-8623",
"CVE-2016-8624",
"CVE-2016-8625",
"CVE-2016-9594",
"CVE-2017-1000099",
"CVE-2017-1000100",
"CVE-2017-1000101",
"CVE-2017-1000257",
"CVE-2017-2629",
"CVE-2017-7407",
"CVE-2017-7468",
"CVE-2017-8816",
"CVE-2017-8817",
"CVE-2017-8818",
"CVE-2018-0500",
"CVE-2018-1000120",
"CVE-2018-1000121",
"CVE-2018-1000122",
"CVE-2018-1000300",
"CVE-2018-1000301",
"CVE-2018-14618",
"CVE-2018-16839",
"CVE-2018-16840",
"CVE-2018-16842",
"CVE-2018-16890",
"CVE-2019-3822",
"CVE-2019-3823",
"CVE-2019-5435",
"CVE-2019-5436",
"CVE-2019-5481",
"CVE-2019-5482",
"CVE-2020-8169",
"CVE-2020-8177",
"CVE-2020-8231",
"CVE-2020-8284",
"CVE-2020-8285",
"CVE-2020-8286",
"CVE-2021-22876",
"CVE-2021-22890",
"CVE-2021-22897",
"CVE-2021-22898",
"CVE-2021-22901",
"CVE-2021-22922",
"CVE-2021-22923",
"CVE-2021-22924",
"CVE-2021-22925",
"CVE-2021-22945",
"CVE-2021-22946",
"CVE-2021-22947",
"CVE-2022-22576",
"CVE-2022-27774",
"CVE-2022-27775",
"CVE-2022-27776",
"CVE-2022-27778",
"CVE-2022-27779",
"CVE-2022-27780",
"CVE-2022-27781",
"CVE-2022-27782",
"CVE-2022-30115",
"CVE-2022-32205",
"CVE-2022-32206",
"CVE-2022-32207",
"CVE-2022-32208",
"CVE-2022-32221",
"CVE-2022-35252",
"CVE-2022-35260",
"CVE-2022-42915",
"CVE-2022-42916",
"CVE-2022-43551",
"CVE-2022-43552",
"CVE-2023-23914",
"CVE-2023-23915",
"CVE-2023-23916",
"CVE-2023-27533",
"CVE-2023-27534",
"CVE-2023-27535",
"CVE-2023-27536",
"CVE-2023-27537",
"CVE-2023-27538",
"CVE-2023-28319",
"CVE-2023-28320",
"CVE-2023-28321",
"CVE-2023-28322",
"CVE-2023-38039",
"CVE-2023-38545",
"CVE-2023-38546",
"CVE-2023-46218",
"CVE-2023-46219",
"CVE-2024-0853",
"CVE-2024-11053",
"CVE-2024-2004",
"CVE-2024-2379",
"CVE-2024-2398",
"CVE-2024-2466",
"CVE-2024-6197",
"CVE-2024-6874",
"CVE-2024-7264",
"CVE-2024-8096",
"CVE-2024-9681",
"CVE-2025-0167",
"CVE-2025-0665",
"CVE-2025-0725",
"CVE-2025-10148",
"CVE-2025-4947",
"CVE-2025-5025",
"CVE-2025-5399",
"CVE-2025-9086",
"CVE-2026-24515",
"CVE-2026-25210"
]
}
cleanstart-2026-lq42192
Vulnerability from cleanstart
Published
2026-04-01 09:55
Modified
2026-03-16 17:19
Summary
Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.18.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0
Details
Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "curl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LQ42192",
"modified": "2026-03-16T17:19:31Z",
"published": "2026-04-01T09:55:24.898216Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LQ42192.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.18.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0",
"upstream": [
"CVE-2014-0138",
"CVE-2014-0139",
"CVE-2016-5419",
"CVE-2016-5420",
"CVE-2016-5421",
"CVE-2016-7141",
"CVE-2016-7167",
"CVE-2016-8615",
"CVE-2016-8616",
"CVE-2016-8617",
"CVE-2016-8618",
"CVE-2016-8619",
"CVE-2016-8620",
"CVE-2016-8621",
"CVE-2016-8622",
"CVE-2016-8623",
"CVE-2016-8624",
"CVE-2016-8625",
"CVE-2016-9594",
"CVE-2017-1000099",
"CVE-2017-1000100",
"CVE-2017-1000101",
"CVE-2017-1000257",
"CVE-2017-2629",
"CVE-2017-7407",
"CVE-2017-7468",
"CVE-2017-8816",
"CVE-2017-8817",
"CVE-2017-8818",
"CVE-2018-0500",
"CVE-2018-1000120",
"CVE-2018-1000121",
"CVE-2018-1000122",
"CVE-2018-1000300",
"CVE-2018-1000301",
"CVE-2018-14618",
"CVE-2018-16839",
"CVE-2018-16840",
"CVE-2018-16842",
"CVE-2018-16890",
"CVE-2019-3822",
"CVE-2019-3823",
"CVE-2019-5435",
"CVE-2019-5436",
"CVE-2019-5481",
"CVE-2019-5482",
"CVE-2020-8169",
"CVE-2020-8177",
"CVE-2020-8231",
"CVE-2020-8284",
"CVE-2020-8285",
"CVE-2020-8286",
"CVE-2021-22876",
"CVE-2021-22890",
"CVE-2021-22897",
"CVE-2021-22898",
"CVE-2021-22901",
"CVE-2021-22922",
"CVE-2021-22923",
"CVE-2021-22924",
"CVE-2021-22925",
"CVE-2021-22945",
"CVE-2021-22946",
"CVE-2021-22947",
"CVE-2022-22576",
"CVE-2022-27774",
"CVE-2022-27775",
"CVE-2022-27776",
"CVE-2022-27778",
"CVE-2022-27779",
"CVE-2022-27780",
"CVE-2022-27781",
"CVE-2022-27782",
"CVE-2022-30115",
"CVE-2022-32205",
"CVE-2022-32206",
"CVE-2022-32207",
"CVE-2022-32208",
"CVE-2022-32221",
"CVE-2022-35252",
"CVE-2022-35260",
"CVE-2022-42915",
"CVE-2022-42916",
"CVE-2022-43551",
"CVE-2022-43552",
"CVE-2023-23914",
"CVE-2023-23915",
"CVE-2023-23916",
"CVE-2023-27533",
"CVE-2023-27534",
"CVE-2023-27535",
"CVE-2023-27536",
"CVE-2023-27537",
"CVE-2023-27538",
"CVE-2023-28319",
"CVE-2023-28320",
"CVE-2023-28321",
"CVE-2023-28322",
"CVE-2023-38039",
"CVE-2023-38545",
"CVE-2023-38546",
"CVE-2023-46218",
"CVE-2023-46219",
"CVE-2024-0853",
"CVE-2024-11053",
"CVE-2024-2004",
"CVE-2024-2379",
"CVE-2024-2398",
"CVE-2024-2466",
"CVE-2024-6197",
"CVE-2024-6874",
"CVE-2024-7264",
"CVE-2024-8096",
"CVE-2024-9681",
"CVE-2025-0167",
"CVE-2025-0665",
"CVE-2025-0725",
"CVE-2025-10148",
"CVE-2025-4947",
"CVE-2025-5025",
"CVE-2025-5399",
"CVE-2025-9086",
"CVE-2026-24515",
"CVE-2026-25210"
]
}
cleanstart-2026-of85770
Vulnerability from cleanstart
Published
2026-04-01 09:57
Modified
2026-03-13 12:43
Summary
Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0
Details
Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "curl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OF85770",
"modified": "2026-03-13T12:43:33Z",
"published": "2026-04-01T09:57:04.724781Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OF85770.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0",
"upstream": [
"CVE-2014-0138",
"CVE-2014-0139",
"CVE-2016-5419",
"CVE-2016-5420",
"CVE-2016-5421",
"CVE-2016-7141",
"CVE-2016-7167",
"CVE-2016-8615",
"CVE-2016-8616",
"CVE-2016-8617",
"CVE-2016-8618",
"CVE-2016-8619",
"CVE-2016-8620",
"CVE-2016-8621",
"CVE-2016-8622",
"CVE-2016-8623",
"CVE-2016-8624",
"CVE-2016-8625",
"CVE-2016-9594",
"CVE-2017-1000099",
"CVE-2017-1000100",
"CVE-2017-1000101",
"CVE-2017-1000257",
"CVE-2017-2629",
"CVE-2017-7407",
"CVE-2017-7468",
"CVE-2017-8816",
"CVE-2017-8817",
"CVE-2017-8818",
"CVE-2018-0500",
"CVE-2018-1000120",
"CVE-2018-1000121",
"CVE-2018-1000122",
"CVE-2018-1000300",
"CVE-2018-1000301",
"CVE-2018-14618",
"CVE-2018-16839",
"CVE-2018-16840",
"CVE-2018-16842",
"CVE-2018-16890",
"CVE-2019-3822",
"CVE-2019-3823",
"CVE-2019-5435",
"CVE-2019-5436",
"CVE-2019-5481",
"CVE-2019-5482",
"CVE-2020-8169",
"CVE-2020-8177",
"CVE-2020-8231",
"CVE-2020-8284",
"CVE-2020-8285",
"CVE-2020-8286",
"CVE-2021-22876",
"CVE-2021-22890",
"CVE-2021-22897",
"CVE-2021-22898",
"CVE-2021-22901",
"CVE-2021-22922",
"CVE-2021-22923",
"CVE-2021-22924",
"CVE-2021-22925",
"CVE-2021-22945",
"CVE-2021-22946",
"CVE-2021-22947",
"CVE-2022-22576",
"CVE-2022-27774",
"CVE-2022-27775",
"CVE-2022-27776",
"CVE-2022-27778",
"CVE-2022-27779",
"CVE-2022-27780",
"CVE-2022-27781",
"CVE-2022-27782",
"CVE-2022-30115",
"CVE-2022-32205",
"CVE-2022-32206",
"CVE-2022-32207",
"CVE-2022-32208",
"CVE-2022-32221",
"CVE-2022-35252",
"CVE-2022-35260",
"CVE-2022-42915",
"CVE-2022-42916",
"CVE-2022-43551",
"CVE-2022-43552",
"CVE-2023-23914",
"CVE-2023-23915",
"CVE-2023-23916",
"CVE-2023-27533",
"CVE-2023-27534",
"CVE-2023-27535",
"CVE-2023-27536",
"CVE-2023-27537",
"CVE-2023-27538",
"CVE-2023-28319",
"CVE-2023-28320",
"CVE-2023-28321",
"CVE-2023-28322",
"CVE-2023-38039",
"CVE-2023-38545",
"CVE-2023-38546",
"CVE-2023-46218",
"CVE-2023-46219",
"CVE-2024-0853",
"CVE-2024-11053",
"CVE-2024-2004",
"CVE-2024-2379",
"CVE-2024-2398",
"CVE-2024-2466",
"CVE-2024-6197",
"CVE-2024-6874",
"CVE-2024-7264",
"CVE-2024-8096",
"CVE-2024-9681",
"CVE-2025-0167",
"CVE-2025-0665",
"CVE-2025-0725",
"CVE-2025-10148",
"CVE-2025-4947",
"CVE-2025-5025",
"CVE-2025-5399",
"CVE-2025-9086"
]
}
CNVD-2017-28784
Vulnerability from cnvd - Published: 2017-09-29
VLAI Severity ?
Title
Haxx curl信息泄露漏洞
Description
Haxx curl是瑞典Haxx公司的一套利用URL语法在命令行下工作的文件传输工具,该工具支持文件上传和下载,并包含一个用于程序开发的libcurl(客户端URL传输库)。
Haxx curl 7.34.0版本至7.54.1版本中存在信息泄露漏洞。攻击者可利用该漏洞获取敏感信息。
Severity
中
Patch Name
Haxx curl信息泄露漏洞的补丁
Patch Description
Haxx curl是瑞典Haxx公司的一套利用URL语法在命令行下工作的文件传输工具,该工具支持文件上传和下载,并包含一个用于程序开发的libcurl(客户端URL传输库)。
Haxx curl 7.34.0版本至7.54.1版本中存在信息泄露漏洞。攻击者可利用该漏洞获取敏感信息。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://curl.haxx.se/docs/adv_20170809A.html
Reference
https://curl.haxx.se/docs/adv_20170809A.html
Impacted products
| Name | Haxx cURL >=7.34.0,<=7.54.1 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-1000101"
}
},
"description": "Haxx curl\u662f\u745e\u5178Haxx\u516c\u53f8\u7684\u4e00\u5957\u5229\u7528URL\u8bed\u6cd5\u5728\u547d\u4ee4\u884c\u4e0b\u5de5\u4f5c\u7684\u6587\u4ef6\u4f20\u8f93\u5de5\u5177\uff0c\u8be5\u5de5\u5177\u652f\u6301\u6587\u4ef6\u4e0a\u4f20\u548c\u4e0b\u8f7d\uff0c\u5e76\u5305\u542b\u4e00\u4e2a\u7528\u4e8e\u7a0b\u5e8f\u5f00\u53d1\u7684libcurl\uff08\u5ba2\u6237\u7aefURL\u4f20\u8f93\u5e93\uff09\u3002\r\n\r\nHaxx curl 7.34.0\u7248\u672c\u81f37.54.1\u7248\u672c\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
"discovererName": "Brian Carpenter and Yongji Ouyang (independently of each other)",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://curl.haxx.se/docs/adv_20170809A.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-28784",
"openTime": "2017-09-29",
"patchDescription": "Haxx curl\u662f\u745e\u5178Haxx\u516c\u53f8\u7684\u4e00\u5957\u5229\u7528URL\u8bed\u6cd5\u5728\u547d\u4ee4\u884c\u4e0b\u5de5\u4f5c\u7684\u6587\u4ef6\u4f20\u8f93\u5de5\u5177\uff0c\u8be5\u5de5\u5177\u652f\u6301\u6587\u4ef6\u4e0a\u4f20\u548c\u4e0b\u8f7d\uff0c\u5e76\u5305\u542b\u4e00\u4e2a\u7528\u4e8e\u7a0b\u5e8f\u5f00\u53d1\u7684libcurl\uff08\u5ba2\u6237\u7aefURL\u4f20\u8f93\u5e93\uff09\u3002\r\n\r\nHaxx curl 7.34.0\u7248\u672c\u81f37.54.1\u7248\u672c\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Haxx curl\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Haxx cURL \u003e=7.34.0\uff0c\u003c=7.54.1"
},
"referenceLink": "https://curl.haxx.se/docs/adv_20170809A.html",
"serverity": "\u4e2d",
"submitTime": "2017-08-17",
"title": "Haxx curl\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
FKIE_CVE-2017-1000101
Vulnerability from fkie_nvd - Published: 2017-10-05 01:29 - Updated: 2026-05-13 00:24
Severity ?
Summary
curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2017/dsa-3992 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/100249 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1039117 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:3558 | ||
| cve@mitre.org | https://curl.haxx.se/docs/adv_20170809A.html | Issue Tracking, Vendor Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201709-14 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://support.apple.com/HT208221 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3992 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100249 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039117 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3558 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://curl.haxx.se/docs/adv_20170809A.html | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201709-14 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT208221 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| haxx | curl | 7.4.1 | |
| haxx | curl | 7.35.0 | |
| haxx | curl | 7.36.0 | |
| haxx | curl | 7.37.0 | |
| haxx | curl | 7.37.1 | |
| haxx | curl | 7.38.0 | |
| haxx | curl | 7.39.0 | |
| haxx | curl | 7.40.0 | |
| haxx | curl | 7.41.0 | |
| haxx | curl | 7.42.0 | |
| haxx | curl | 7.42.1 | |
| haxx | curl | 7.43.0 | |
| haxx | curl | 7.44.0 | |
| haxx | curl | 7.45.0 | |
| haxx | curl | 7.46.0 | |
| haxx | curl | 7.47.0 | |
| haxx | curl | 7.47.1 | |
| haxx | curl | 7.48.0 | |
| haxx | curl | 7.49.0 | |
| haxx | curl | 7.49.1 | |
| haxx | curl | 7.50.0 | |
| haxx | curl | 7.50.1 | |
| haxx | curl | 7.50.2 | |
| haxx | curl | 7.50.3 | |
| haxx | curl | 7.51.0 | |
| haxx | curl | 7.52.0 | |
| haxx | curl | 7.52.1 | |
| haxx | curl | 7.53.0 | |
| haxx | curl | 7.53.1 | |
| haxx | curl | 7.54.0 | |
| haxx | curl | 7.54.1 | |
| haxx | curl | 7.55.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7E5201-24A0-4CEF-84D2-76DB195D3A8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D558CC2-0146-4887-834E-19FCB1D512A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6931764D-16AB-4546-9CE3-5B4E03BC984A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBBFCA-6A18-4F8F-B841-50255C952FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEAE437-A645-468B-B283-44799658F534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03F7EE95-4EBE-4306-ADFE-A1A92CAD5F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79F7AE71-7A18-4737-9C02-0A3343B3AD4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC589DE6-773A-43E8-9393-3083DB545671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24D735EA-04E3-47E7-A859-3CC1ED887E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*",
"matchCriteriaId": "063C1A70-0869-4933-88D7-ECE7ACCF0F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70B0A020-3DA1-4753-B810-C60E7CA06839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63A18050-0DA7-400A-B564-AC9A020D57CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D168A62-A5B0-4BA8-8243-1AAF3B395567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11D8B02D-5A97-4F9A-8EE8-D60D621E0B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DC2429-0B58-4D68-9337-0077C4493714",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D5B7BD-2B9D-40AB-B13A-393FF0007A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2AFED4D-0672-467F-999C-9D6C3722B8C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDCCD2D-3D98-4FC3-BAB5-3D09A0CAD12C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA228CD-70CF-41FC-98F6-38194466CC32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EFDE2415-78F8-4A36-AA9B-6EA8DCE399AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA05266-35B6-422D-AE73-4C934B4F5091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2AB70F1-D6A9-4ADF-A506-4C9DEE8AE754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2FDF0C-6493-4BE1-851E-0D8CE94E36B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA9D7F9-A972-41A8-9561-DB72E37184F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*",
"matchCriteriaId": "641ACFC8-BDE2-42AC-8B3D-EF78695AD750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8629C630-14E0-4C94-BBD1-B5203488A6FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31C6D873-9770-4FD0-AC75-4D6C06FC4A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CADB89B4-7218-4E2B-BB94-8CCEB79FB3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`."
},
{
"lang": "es",
"value": "curl es compatible con el \"globbing\" de URL, donde un usuario puede pasar un rango num\u00e9rico para hacer que la herramienta itere sobre esos n\u00fameros para realizar una secuencia de transferencias. En la funci\u00f3n de \"globbing\" que analiza sint\u00e1cticamente el rango num\u00e9rico, hay una omisi\u00f3n que hace que curl lea un byte m\u00e1s all\u00e1 del fin de la URL si se proporciona una URL manipulada o simplemente mal escrita. La URL se almacena en un b\u00fafer basado en memoria din\u00e1mica (heap) para que se pueda hacer luego de tal manera que lea err\u00f3neamente otra cosa en vez de cerrarse inesperadamente. A continuaci\u00f3n se muestra un ejemplo de una URL que desencadena este fallo: \"http://ur%20[0-60000000000000000000\"."
}
],
"id": "CVE-2017-1000101",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2017-10-05T01:29:04.103",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3992"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100249"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039117"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://curl.haxx.se/docs/adv_20170809A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-14"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/HT208221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://curl.haxx.se/docs/adv_20170809A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208221"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…