curl: Vulnerability fixed in Version 7.52.1

Submitted on 23. December 2016 - 14:23 by rischi.
Last update on 19. January 2017 - 14:57.

IDs:

CVE-2016-9594

Keywords:

curl

Description:

Curl released a new version 7.52.1 fixing one vulnerability [1].

Airlock WAF is not affected.

Details:

CVE-2016-9594: The vulnerability was introduced in libcurl version 7.52.0. A bad random value is generated and used for Digest and NTLM authentication. Airlock WAF is not affected because the vulnerable libcurl version is not being used.

Resolution:

no action required

Component:

Airlock

Airlock Vulnerability Status:

Does not affect Airlock

Back-end Vulnerability Status:

No action required

Reference:

[1] Curl vulnerability advisory for CVE-2016-9594

Main menu

Navigation

User menu

You are here

curl: Vulnerability fixed in Version 7.52.1

Main menu

Search form

Navigation

User menu

You are here

curl: Vulnerability fixed in Version 7.52.1