Advisory ROSA-SA-2026-3138

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 unaffected versions = curl-7.61.1-34.0.2.rv30.9 affected versions curl-7.61.1-34.0.2.rv30.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

EUVD-2022-4541

Malicious code in bioql PyPI...

Advisory ROSA-SA-2025-2748

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 packageevrstring: curl-7.61.1-34.0.2.rv3.2 CVE-ID: CVE-2022-32221 BDU-ID: 2022-07403 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the cURL command line utility is related to a logical error in the reused descriptor when processing subsequent...

[SECURITY] Fedora 41 Update: curl-8.9.1-3.fc41

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

ROS-20240708-21

Vulnerability in cURL command line utility is due to bugs in protocol removal logic. Exploitation The exploitation of the vulnerability may allow a remote intruder to gain access to protected information Vulnerability in the HTTP/2 network protocol implementation of the cURL command line utility ...

[SECURITY] Fedora 39 Update: curl-8.2.1-5.fc39

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

Exploit for Out-of-bounds Write in Haxx Libcurl

CVE-2023-38545 POC for the curl command line tool This POC i...

ROS-20220516-30

Vulnerability in the cURL command line utility is related to OAUTH2 connection reuse errors for SASL-enabled protocols such as SMPTPS, IMAPS, POP3S, and LDAPS openldap only. Exploitation of the vulnerability could allow an attacker acting remotely to reuse the OAUTH2 authenticated connections...

[SECURITY] Fedora 33 Update: curl-7.71.1-11.fc33

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

CVE-2021-22925

curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEWENV variables, libcurlcould be made to pass on uninitialized data from a stack based...

[SECURITY] Fedora 27 Update: curl-7.55.1-14.fc27

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

[ASA-201807-8] libcurl-compat: arbitrary code execution

Arch Linux Security Advisory ASA-201807-8 ========================================= Severity: High Date : 2018-07-16 CVE-ID : CVE-2018-0500 Package : libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-733 Summary ======= The package libcurl-compa...

GHSA-RHGQ-VV9X-J4P5 lawn-login exposes database password to unauthorized users

The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process...

[SECURITY] Fedora 24 Update: curl-7.47.1-10.fc24

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

[SECURITY] Fedora 17 Update: curl-7.24.0-9.fc17

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

Fedora Update for curl FEDORA-2013-7813

Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2013-7813 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora Update for curl FEDORA-2013-6766

Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2013-6766 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

[SECURITY] Fedora 19 Update: curl-7.29.0-5.fc19

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

CURL-CVE-2013-1944 cookie domain tailmatch

libcurl is vulnerable to a cookie leak vulnerability when doing requests across domains with matching tails. When communicating over HTTPS and having libcurl's cookie engine enabled, libcurl stores and holds cookies for use when subsequent requests are done to hosts and paths that match those kep...