CVE-2003-1605 — Curl vulnerability

CWE-2555 documents5 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 40.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 23

Latest updateApr 29

Description

curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

▶NVDhaxx/curl7.1.0 — 7.10.7

▶Debianhaxx/curl< 7.10.7-1+3

GHSA

GHSA-4f8m-5f89-p953: curl 7↗2022-04-29

▶

OSV

CVE-2003-1605: curl 7↗2018-08-23

▶

CVEList

CVE-2003-1605: curl 7↗2018-08-23

▶

Debian

CVE-2003-1605: curl - curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.↗2003

▶