A denial of service vulnerability exists in curl

🗓️ 27 Jan 2026 00:00:00Reported by Broadcom Security ResponseType

broadcom

broadcom🔗 support.broadcom.com👁 9 Views

Curl denial of service before 8.1.0 via synchronous resolver due to a non mutex protected buffer.

Reporter	Title	Published	Views	Family All 117
IBM Security Bulletins	Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Certificate, and Base Module affected by multiple vulnerabilities (CVE-2023-28322, CVE-2023-28320, CVE-2023-28319, CVE-2023-28321)	2 Oct 202316:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities	24 Jul 202317:54	–	ibm
IBM Security Bulletins	Security Bulletin: Execution Engine for Apache Hadoop is vulnerable to heap-based buffer overflow and remote attacker to bypass security restrictions	20 Feb 202503:40	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management	14 Jun 202416:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8	18 Oct 202407:56	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC	25 Sep 202320:08	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in libcURL affect IBM Rational ClearCase.	1 Mar 202406:47	–	ibm
FreeBSD	curl -- multiple vulnerabilities	21 Mar 202300:00	–	freebsd
ATTACKERKB	CVE-2023-28320	26 May 202321:15	–	attackerkb
AlpineLinux	CVE-2023-28320	26 May 202300:00	–	alpinelinux

27 Jan 2026 19:10Current

6Medium risk

Vulners AI Score6

CVSS 3.15.9

EPSS0.00641

curl denial of service synchronous resolver unprotected buffer