Back to search
CVE-2014-8150
Published: Jan 15, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
62361
third-party-advisory
x_refsource_SECUNIA
https://kc.mcafee.com/corporate/index?page=content&id=SB10131
x_refsource_CONFIRM
FEDORA-2015-6853
vendor-advisory
x_refsource_FEDORA
http://advisories.mageia.org/MGASA-2015-0020.html
x_refsource_CONFIRM
71964
vdb-entry
x_refsource_BID
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
x_refsource_CONFIRM
1032768
vdb-entry
x_refsource_SECTRACK
FEDORA-2015-0418
vendor-advisory
x_refsource_FEDORA
http://curl.haxx.se/docs/adv_20150108B.html
x_refsource_CONFIRM
APPLE-SA-2015-08-13-2
vendor-advisory
x_refsource_APPLE
RHSA-2015:1254
vendor-advisory
x_refsource_REDHAT
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
x_refsource_CONFIRM
openSUSE-SU-2015:0248
vendor-advisory
x_refsource_SUSE
https://support.apple.com/kb/HT205031
x_refsource_CONFIRM
FEDORA-2015-0415
vendor-advisory
x_refsource_FEDORA
USN-2474-1
vendor-advisory
x_refsource_UBUNTU
GLSA-201701-47
vendor-advisory
x_refsource_GENTOO
FEDORA-2015-6864
vendor-advisory
x_refsource_FEDORA
MDVSA-2015:021
vendor-advisory
x_refsource_MANDRIVA
62075
third-party-advisory
x_refsource_SECUNIA
DSA-3122
vendor-advisory
x_refsource_DEBIAN
61925
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now