
49 matches found

OSV
added 2026/05/04 1:12 p.m., 4 views

JLSEC-2026-426 When using `CURLOPT_PINNEDPUBLICKEY` option with libcurl or `--pinnedpubkey` with the curl tool...

When using the `CURLOPT_PINNEDPUBLICKEY` option with libcurl or `--pinnedpubkey` with the curl tool, curl should check the public key of the server certificate to verify the peer. This check was skipped in a certain condition that would then make curl allow the connection without performing the proper chec...

5.9 CVSS, 5.8 AI score, 0.00007 EPSS
Exploits: 0, References: 4
Fedora
added 2026/04/22 7:50 a.m., 1 views

[SECURITY] Fedora 43 Update: curl-8.15.0-6.fc43

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

7.5 CVSS, 7.8 AI score, 0.00073 EPSS
Exploits: 4
NVD
added 2026/01/08 10:15 a.m., 2 views

CVE-2025-13034

When using the `CURLOPT_PINNEDPUBLICKEY` option with libcurl or `--pinnedpubkey` with the curl tool, curl should check the public key of the server certificate to verify the peer. This check was skipped in a certain condition that would then make curl allow the connection without performing the proper chec...

5.9 CVSS, 0.00007 EPSS
Exploits: 0, References: 2
Packet Storm
added 2025/12/17 12:0 a.m., 155 views

IBM BigFix Platform 9.2 Information Disclosure

IBM BigFix Platform version 9.2 information gathering proof of concept exploit. Title: IBM BigFix Platform 9.2 gather information Vulnerability. Auth...

5.3 CVSS, 6.7 AI score, 0.74625 EPSS
Exploits: 2
Hacker One
added 2025/11/18 11:19 a.m., 13 views

curl: Double free in tool_ssls_load()

Summary: There is a double-free bug in `tool_ssls_load`, which can happen at line 83-84 or 129-130 `tool_ssls.c`: `curl_free(shmac); curl_free(sdata);` The root cause is that line 83-84 did not reset shmac and sdata to NULL. If the session is malformed, the double-free will be triggered. No AI was used to fin...

7 AI score
Exploits: 0
Fedora
added 2025/09/23 1:47 a.m., 4 views

[SECURITY] Fedora 41 Update: curl-8.9.1-4.fc41

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

7.5 CVSS, 7.3 AI score, 0.00275 EPSS
Exploits: 1
Snyk
added 2025/09/12 5:42 a.m., 1 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read due to improper validation in the path comparison process. An attacker can cause a crash or override the contents of a secure cookie by setting a cookie with the secure keyword for an HTTPS site, then redirecting to t...

7.5 CVSS, 6.7 AI score, 0.00275 EPSS
Exploits: 1, References: 2
Hacker One
added 2025/09/02 7:7 p.m., 19 views

curl: Heap-buffer-overflow (Out-of-Bounds Read) in DoH hostname encoding

Summary: I found a heap-buffer-overflow in the `doh_req_encode` function in lib/doh.c. The bug happens when curl processes a DNS-over-HTTPS request for a hostname that is an empty string. The code gets the string length as 0, then tries to access hostlen - 1, which becomes host-1. This is an...

7.7 AI score
Exploits: 0
Gitee
added 2025/07/27 3:33 a.m., 136 views

awesome-oneliner-bugbounty

This repository is an offensive tool for bug bounty hunting. It contains a collection of one-liner scripts for identifying vulnerabilities, particularly for bug bounty tips. The primary CVE ID present in the context is not explicitly mentioned, but the repository includes scripts for Local File...

7.2 AI score
Exploits: 0
OSV
added 2025/01/10 1:0 p.m., 1 views

OESA-2025-1025 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...

3.4 CVSS, 6.3 AI score, 0.01399 EPSS
Exploits: 1, References: 2
Fedora
added 2024/07/30 1:33 a.m., 21 views

[SECURITY] Fedora 40 Update: curl-8.6.0-9.fc40

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

7.5 CVSS, 7.7 AI score, 0.01302 EPSS
Exploits: 1
BDU FSTEC
added 2024/04/08 12:0 a.m., 0 views

The vulnerability lies in the implementation of the HTTP/2 utility in the command-line tool cURL, which allows an attacker to cause a service failure.

The vulnerability of the HTTP/2 command-line utility implementation in CURL is related to memory leak errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

5 CVSS, 0.02015 EPSS
Exploits: 1, References: 12, Affected Software: 5
BDU FSTEC
added 2024/04/01 12:0 a.m., 0 views

The vulnerability of the cURL command-line utility lies in the lack of protection for service data, allowing attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the command-line tool cURL relates to the installation of “superbug files” in Curl, which are then transmitted back to a larger number of sources. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of the protected informati...

6.5 CVSS, 0.00219 EPSS
Exploits: 1, References: 11, Affected Software: 6
CNNVD
added 2023/10/11 12:0 a.m., 1 views

curl Buffer Error Vulnerability

cURL is a network data transfer project. Usually when we say cURL, we mean the cURL command line tool. cURL's underlying use is the libcurl library. A heap overflow vulnerability exists in cURL SOCKS5, which can be exploited by an attacker to construct a malicious hostname and cause code executio...

9.8 CVSS, 7.8 AI score, 0.26747 EPSS
Exploits: 6, References: 30
RedHat Linux
added 2023/10/10 3:28 p.m., 4 views

curl: IDN wildcard match may lead to Improper Certificate Validation

A flaw was found in the Curl package. An incorrect International Domain Name (IDN) wildcard match may lead to improper certificate validation...

5.9 CVSS, 7.3 AI score, 0.00297 EPSS
Exploits: 1, References: 5
Trellix
added 2023/08/10 12:0 a.m., 18 views

Exploring New Techniques of Fake Browser Updates Leading to NetSupport RAT

By Jonell Baltazar and Antonio Ribeiro · August 10, 2023. Trellix detected an ongoing campaign using fake Chrome browser updates to lure victims to install a remote administration software tool called NetSupport Manager...

7 AI score
Exploits: 0
BDU FSTEC
added 2023/04/17 12:0 a.m., 1 views

The vulnerability of the curl command-line utility’s syntax lies in the improper replacement of the tilde symbol (~) when used as a prefix in the first element of a path. This allows an attacker to bypass filtering or execute arbitrary code.

The vulnerability of the curl command-line utility is related to the incorrect replacement of the tilde symbol when it is used as a prefix in the first element of a path. This occurs in addition to its supposed use as the first element for specifying a path relative to the user’s home directory...

3.7 CVSS, 0.00064 EPSS
Exploits: 1, References: 14, Affected Software: 8
SUSE CVE
added 2023/02/15 3:45 a.m., 4 views

SUSE CVE-2021-22923

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...

5.3 CVSS, 7.1 AI score, 0.00068 EPSS
Exploits: 1, References: 85
Hacker One
added 2022/12/21 9:59 a.m., 74 views

curl: CVE-2023-23914: curl HSTS ignored on multiple requests

A vulnerability was found in curl tool's HSTS feature, where it failed to work correctly when multiple requests were made within a single invocation, resulting in requests being performed over insecure channels, potentially leading to loss of confidentiality and integrity...

9.1 CVSS, 7.7 AI score, 0.00111 EPSS
Exploits: 1
BDU FSTEC
added 2022/11/09 12:0 a.m., 0 views

The vulnerability of the cURL command-line utility, related to the repeated release of memory, allows a hacker to execute arbitrary code.

The vulnerability of the command-line tool cURL is related to the repeated release of memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS, 0.00467 EPSS
Exploits: 0, References: 12, Affected Software: 7