FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
27f742f6-03f4-11e5-aab1-d050996490d0	cURL -- sensitive HTTP server headers also sent to proxies cURL reports: libcurl provides applications a way to set custom HTTP headers to be sent to the server by using CURLOPT_HTTPHEADER. A similar option is available for the curl command-line tool with the '--header' option. When the connection passes through an HTTP proxy the same set of headers is sent to the proxy as well by default. While this is by design, it has not necessarily been clear nor understood by application programmers. Discovery 2015-04-29 Entry 2015-05-26 curl < 7.42.1 CVE-2015-3153 http://curl.haxx.se/docs/adv_20150429.html

VuXML ID

Description

27f742f6-03f4-11e5-aab1-d050996490d0

cURL -- sensitive HTTP server headers also sent to proxies

cURL reports:

libcurl provides applications a way to set custom HTTP headers to be sent to the server by using CURLOPT_HTTPHEADER. A similar option is available for the curl command-line tool with the '--header' option.

When the connection passes through an HTTP proxy the same set of headers is sent to the proxy as well by default. While this is by design, it has not necessarily been clear nor understood by application programmers.

Discovery 2015-04-29
Entry 2015-05-26
curl

< 7.42.1

CVE-2015-3153
http://curl.haxx.se/docs/adv_20150429.html