Total
61 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6422 | 3 Canonical, Debian, Haxx | 3 Ubuntu Linux, Debian Linux, Libcurl | 2016-04-07 | 4.0 MEDIUM | N/A |
| The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks. | |||||