Lucene search
K

4 matches found

Redos
Redos
added 2026/05/29 12:0 a.m.16 views

ROS-20260529-73-0018

The vulnerability of the sscanf function in the libcurl library, a software tool for interacting with servers via CURL, is related to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

3.1CVSS5.8AI score0.04385EPSS
Exploits1
Snyk
Snyk
added 2026/04/29 12:0 a.m.5 views

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information due to the incorrect reuse of an unencrypted connection for a subsequent request that expects TLS. An attacker can intercept sensitive information if the second connection is done to the...

6CVSS5.8AI score0.00329EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/07/24 12:0 a.m.4 views

libcurl 安全漏洞

libcurl is a free and easy-to-use client-side URL transport library from the cURL open source. A security vulnerability exists in libcurl ASN1 versions 8.6.0 through 8.8.0 that stems from the utf8asn1str function calling free to free a 4-byte local stack buffer when an invalid field is detected a...

7.5CVSS7.1AI score0.04296EPSS
Exploits1References8
OSV
OSV
added 2023/03/30 8:15 p.m.11 views

AZL-25846 CVE-2023-27535 affecting package curl for versions less than 8.0.1-1

An authentication bypass vulnerability exists in libcurl 8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain...

5.9CVSS6.7AI score0.01607EPSS
Exploits1References1
Rows per page
Query Builder