Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

curl: escape and unescape integer overflows

🗓️ 13 Nov 2018 08:36:35Reported by RedHatType 
redhat
 redhat🔗 access.redhat.com👁 1 Views

Integer overflow flaws in curl escaping and unescaping cause heap overflows that crash apps using libcurl.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index
31 Jan 202100:10
ibm
IBM Security Bulletins		Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in Curl (CVE-2016-7167)
16 Jun 201822:02
ibm
IBM Security Bulletins		Security Bulletin: A vulnerability in curl affects PowerKVM
18 Jun 201801:37
ibm
IBM Security Bulletins		Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in curl
31 Jan 201902:25
ibm
IBM Security Bulletins		Security Bulletin: IBM Security Access Manager Appliance is affected by a cURL vulnerability (CVE-2016-7167)
16 Jun 201822:05
ibm
ALT Linux		Security fix for the ALT Linux 8 package curl version 7.50.3-alt1
14 Sep 201600:00
altlinux
Tenable Nessus		cURL/libcurl 7.x < 7.50.3 RCE
9 Dec 201600:00
nessus
Tenable Nessus		Amazon Linux AMI : curl (ALAS-2016-742)
28 Sep 201600:00
nessus
Tenable Nessus		CentOS 7 : curl (CESA-2017:2016)
25 Aug 201700:00
nessus
Tenable Nessus		Debian DLA-1568-1 : curl security update
7 Nov 201800:00
nessus
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux6x86_64httpd24-curl0:7.61.1-1.el6httpd24-curl-0:7.61.1-1.el6.x86_64.rpm
Red Hat Enterprise Linux7aarch64httpd24-curl0:7.61.1-1.el7httpd24-curl-0:7.61.1-1.el7.aarch64.rpm
Red Hat Enterprise Linux7ppc64lehttpd24-curl0:7.61.1-1.el7httpd24-curl-0:7.61.1-1.el7.ppc64le.rpm
Red Hat Enterprise Linux7s390xhttpd24-curl0:7.61.1-1.el7httpd24-curl-0:7.61.1-1.el7.s390x.rpm
Red Hat Enterprise Linux7x86_64httpd24-curl0:7.61.1-1.el7httpd24-curl-0:7.61.1-1.el7.x86_64.rpm
Red Hat Enterprise Linux6x86_64httpd24-curl-debuginfo0:7.61.1-1.el6httpd24-curl-debuginfo-0:7.61.1-1.el6.x86_64.rpm
Red Hat Enterprise Linux7aarch64httpd24-curl-debuginfo0:7.61.1-1.el7httpd24-curl-debuginfo-0:7.61.1-1.el7.aarch64.rpm
Red Hat Enterprise Linux7ppc64lehttpd24-curl-debuginfo0:7.61.1-1.el7httpd24-curl-debuginfo-0:7.61.1-1.el7.ppc64le.rpm
Red Hat Enterprise Linux7s390xhttpd24-curl-debuginfo0:7.61.1-1.el7httpd24-curl-debuginfo-0:7.61.1-1.el7.s390x.rpm
Red Hat Enterprise Linux7x86_64httpd24-curl-debuginfo0:7.61.1-1.el7httpd24-curl-debuginfo-0:7.61.1-1.el7.x86_64.rpm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
14 May 2026 22:24Current
7.5High risk
Vulners AI Score7.5
CVSS 27.5
CVSS 39.8
EPSS0.02257
CWE-190
curl overflowescaping overflowlibcurl crashheap overflow
1