CVE-2016-7141

curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*

Information

Published : 2016-10-03 14:59

Updated : 2018-11-13 03:29


NVD link : CVE-2016-7141

Mitre link : CVE-2016-7141


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

haxx

  • libcurl

opensuse

  • leap