CVE-2015-3148
CVE-2015-3148 is a medium-severity vulnerability in Haxx Libcurl with a CVSS 2.0 base score of 5.0. Its EPSS exploit-prediction score of 18% places it in the 97th percentile, indicating an elevated likelihood of exploitation. The underlying weakness is classified as CWE-284.
Key facts
- Severity: Medium (CVSS 2.0 base score 5.0)
- EPSS exploit prediction: 18% (97th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-284
- Affected product: Haxx Libcurl
- Published:
- Last modified:
Description
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
Frequently asked questions
- What is CVE-2015-3148?
- cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
- How severe is CVE-2015-3148?
- CVE-2015-3148 has a CVSS 2.0 base score of 5.0, rated medium severity.
- Is CVE-2015-3148 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 18% (97th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2015-3148?
- CVE-2015-3148 primarily affects Haxx Libcurl. In total, 159 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2015-3148?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2015-3148 published?
- CVE-2015-3148 was published on 2015-04-24 and last updated on 2026-06-17.
References
- http://advisories.mageia.org/MGASA-2015-0179.html
- http://curl.haxx.se/docs/adv_20150422B.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html
- http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html
- http://marc.info/?l=bugtraq&m=145612005512270&w=2
- http://rhn.redhat.com/errata/RHSA-2015-1254.html
- http://www.debian.org/security/2015/dsa-3232
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:219
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:220
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/74301
- http://www.securitytracker.com/id/1032232
- http://www.ubuntu.com/usn/USN-2591-1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
- https://security.gentoo.org/glsa/201509-02
- https://support.apple.com/kb/HT205031
Affected products (159)
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*
More vulnerabilities in Haxx Libcurl
- CVE-2023-38545 — Critical (CVSS 9.8): This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the…
- CVE-2019-3822 — Critical (CVSS 9.8): libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an…
- CVE-2017-8818 — Critical (CVSS 9.8): curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access…
- CVE-2017-8817 — Critical (CVSS 9.8): The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service…
- CVE-2017-8816 — Critical (CVSS 9.8): The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a…
- CVE-2016-7167 — Critical (CVSS 9.8): Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape…
All CVEs affecting Haxx Libcurl →
Other CWE-284 (Improper Access Control) vulnerabilities
- CVE-2026-50746 — Critical (CVSS 10.0): A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi…
- CVE-2026-46978 — Critical (CVSS 10.0): Vulnerability in the Oracle Solaris product of Oracle Systems (component: Remote Administration Daemon). The…
- CVE-2026-35308 — Critical (CVSS 10.0): Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars).…
- CVE-2026-35307 — Critical (CVSS 10.0): Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that…
- CVE-2026-46695 — Critical (CVSS 10.0): Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers…
- CVE-2026-46840 — Critical (CVSS 10.0): Vulnerability in Oracle REST Data Services (component: Backend-as-a-Service). Supported versions that are affected are…
Browse all CWE-284 (Improper Access Control) vulnerabilities →