CVE-2013-1944
Scores
EPSS
0.025very_low2.5%
0%20%40%60%80%100%
Percentile: 2.5%
CVSS
4.3medium2.0
0246810
CVSS Score: 4.3/10
All CVSS Scores
CVSS 2.0
4.3Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Medium
Describes the conditions beyond the attacker's control
AC:M
Authentication
None (N)
Describes the level of privileges an attacker must possess
Au:N
Confidentiality Impact
None (N)
Measures the impact to the confidentiality of information
C:N
Integrity Impact
Partial
Measures the impact to integrity of a successfully exploited vulnerability
I:P
Availability Impact
None (N)
Measures the impact to the availability of the impacted component
A:N
Description
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
anchore_overridesdebiannvdredhatubuntu
CWEs
CWE-200
Related Vulnerabilities
Exploits
Exploit ID: CVE-2009-3555
Source: github-poc
URL: https://github.com/johnwchadwick/cve-2009-3555-test-server
Exploit ID: CVE-2014-3570
Source: github-poc
URL: https://github.com/uthrasri/CVE-2014-3570_G2.5_openssl_no_patch
Exploit ID: CVE-2014-8275
Source: github-poc
Exploit ID: CVE-2015-0204
Source: github-poc
URL: https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script
Exploit ID: CVE-2015-0205
Source: github-poc
URL: https://github.com/saurabh2088/OpenSSL_1_0_1g_CVE-2015-0205
Vulnerable Software (9)
Type: Configuration
Operating System:
Trait:
{ "children": [ { "cpe_match": [ { "cpe23uri": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.30.0", "versionStartIncluding": "4.7"...
{ "children": [ { "cpe_match": [ { "cpe23uri": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.30.0", "versionStartIncluding": "4.7" } ], "negate": false, "operator": "OR" }, { "cpe_match": [ { "cpe23uri": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.30.0", "versionStartIncluding": "4.7" } ], "negate": false, "operator": "OR" } ], "operator": "OR"}
Source: anchore_overrides
Type: Configuration
Product: curl
Operating System: debian
Trait:
{ "fixed": "7.29.0-2.1"}
Source: debian
Type: Configuration
Product: curl
Operating System: debian wheezy 7
Trait:
{ "fixed": "7.26.0-1+wheezy2"}
Source: debian
Type: Configuration
Product: curl
Operating System: ubuntu hardy 8.04
Trait:
{ "fixed": "7.18.0-1ubuntu2.4"}
Source: ubuntu
Type: Configuration
Product: curl
Operating System: rhel 5
Trait:
{ "fixed": "7.15.5-16.el5_9"}
Source: redhat
Type: Configuration
Product: curl
Operating System: rhel 6
Trait:
{ "fixed": "7.19.7-36.el6_4"}
Source: redhat
Type: Configuration
Vendor: *
Product: curl
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "versionEndIncluding": "7.29.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6....
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "versionEndIncluding": "7.29.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.1:beta:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.3.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.5.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:6.5.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.1.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.2.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.4.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.5.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.5.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.6.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.7.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.7.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.7.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.8.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.9.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: *
Product: libcurl
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "versionEndIncluding": "7.29.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libc...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "versionEndIncluding": "7.29.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: *
Product: ubuntu_linux
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lt...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
End of list