Information disclosure in libcurl - CVE-2018-1000007
Published: January 25, 2018
Vulnerability identifier: #VU10224
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-1000007
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: curl.haxx.se
Affected software:
libcurl
libcurl
Detailed vulnerability description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can send custom headers in an HTTP request and an HTTP 30X redirect response code, cause the application to send the custom headers to the server specified in the 'Location:' response header and obtain potentially sensitive authentication information from applications that use custom 'Authorization:' headers.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can send custom headers in an HTTP request and an HTTP 30X redirect response code, cause the application to send the custom headers to the server specified in the 'Location:' response header and obtain potentially sensitive authentication information from applications that use custom 'Authorization:' headers.
How to mitigate CVE-2018-1000007
Update to version 7.58.0.