Curl Wednesday November 2nd eleven security advisories


NAS

Recommended Posts

  • 2 weeks later...

CVE-2016-8615: cookie injection for other servers

CVE-2016-8616: case insensitive password comparison

CVE-2016-8617: OOB write via unchecked multiplication

CVE-2016-8618: double-free in curl_maprintf

CVE-2016-8619: double-free in krb5 code

CVE-2016-8620: glob parser write/read out of bounds

CVE-2016-8621: curl_getdate read out of bounds

CVE-2016-8622: URL unescape heap overflow via integer truncation

CVE-2016-8623: Use-after-free via shared cookies

CVE-2016-8624: invalid URL parsing with '#'

CVE-2016-8625: IDNA 2003 makes curl use wrong host

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.