CVE-2015-3153 - CERT CVE
ID CVE-2015-3153
Sažetak The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents.
Reference
CVSS
Base: 5.0
Impact: 2.9
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:N/AC:L/Au:N/C:P/I:N/A:N
Zadnje važnije ažuriranje 17-10-2018 - 01:29
Objavljeno 01-05-2015 - 15:59