CVE-2017-2628 in Enterprise Linuxinfo

Summary

curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

12/01/2016

Disclosure

03/12/2018

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-284

CVSS

8.5

EPSS

0.00831

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-2628
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-2628
CVE Details	https://www.cvedetails.com/cve/CVE-2017-2628/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!