CVE-2016-8625

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.
Configurations

Configuration 1 (hide)

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

History

29 Jun 2021, 15:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E -

Information

Published : 2018-08-01 06:29

Updated : 2024-02-04 20:03


NVD link : CVE-2016-8625

Mitre link : CVE-2016-8625

CVE.ORG link : CVE-2016-8625


JSON object : View

Products Affected

haxx

  • curl
CWE
CWE-20

Improper Input Validation