cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
11 May 2022, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2014-11-18 15:59
Updated : 2023-12-10 11:31
NVD link : CVE-2014-3620
Mitre link : CVE-2014-3620
CVE.ORG link : CVE-2014-3620
JSON object : View
Products Affected
haxx
- curl
- libcurl
apple
- mac_os_x
CWE
CWE-310
Cryptographic Issues