« List of all CVEs

CVE-2014-0015

Published: 2/2/2014 Last updated: 8/6/2024 Reserved: 12/3/2013

cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (3)

conf-libcurl conf-mingw-w64-curl-i686 conf-mingw-w64-curl-x86_64

Products affected (1)

Product	Vendor	Version
n/a	n/a	7.0.2.1

References (50)