Lucene search
K

4 matches found

OSV
OSV
added 2026/05/08 11:36 a.m.8 views

CLSA-2026-1778223262 curl: Fix of 3 CVEs

CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...

9.8CVSS7AI score0.17939EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Double Free (CVE-2022-42915)

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request HTTP...

8.1CVSS6.9AI score0.02927EPSS
Exploits0References5
curl security advisories
curl security advisories
added 2022/10/26 8:0 a.m.8 views

HTTP proxy double free

If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of protocol through. An HTTP proxy might refuse this request HTTP proxies often only allow outgoing...

8.1CVSS7.2AI score0.02927EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2019/09/11 8:0 a.m.6 views

CURL-CVE-2019-5481 FTP-KRB double free

libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPTKRBLEVEL option. During such kerberos FTP data transfer, the server sends data to curl in blocks with the 32-bit size of each block first and then that amount of data immediately following. A malicious or broken serv...

9.8CVSS6.5AI score0.07266EPSS
Exploits0
Rows per page
Query Builder