Curl 8.16.0 < 8.21.0 WebSocket Auto-PONG Memory Exhaustion
The version of curl installed on the remote host is 8.16.0 prior to 8.21.0. It is, therefore, affected by a denial of service vulnerability: - Because curl lacks an upper bound on memory allocation for unacknowledged WebSocket frames, a malicious server can exhaust all available memory by floodin...
Curl 8.11.1 < 8.21.0 Netrc Password Leak
The version of curl installed on the remote host is 8.11.1 prior to 8.21.0. It is, therefore, affected by a credential disclosure vulnerability: - When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a username, curl could wrongly get and use the...
Curl 7.81.0 < 8.21.0 Proto-Default Skips SSH Verification
The version of curl installed on the remote host is 7.81.0 prior to 8.21.0. It is, therefore, affected by an improper host validation vulnerability: - When a user invokes curl using a schemeless URL combined with --proto-default sftp, a disconnect occurs that erroneously bypasses the initializati...
Curl 8.15.0 < 8.21.0 SASL Double-Free
The version of curl installed on the remote host is 8.15.0 prior to 8.21.0. It is, therefore, affected by a double-free vulnerability: - The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the...
Astra Linux – Vulnerability in curl
When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3, or SMTP scheme, curl may incorrectly pass the bearer token to the new target host...
CURL-CVE-2026-9545 exposing HTTP/3 early data
In this scenario, libcurl first uses a proper HTTP/3 server for the initial transfers, and when it makes a second transfer to the same site it has been replaced by the attacker's impostor machine - without a valid certificate. When libcurl returns to the hostname the second time with a cached SSL...
CURL-CVE-2026-8926 password leak with netrc and user in URL
When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a username without a password, like https://[email protected]/, curl could wrongly get and use the password for another user set in the .netrc file for that host if such a one exists and there is n...
CURL-CVE-2026-11564 Native CA trust persist
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...
Linux Distros Unpatched Vulnerability : CVE-2026-9080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - curl - None Ubuntu Linux - Calling curl_easy_pause within the event-based CURLMOPT_SOCKETFUNCTION callback triggers a use-after-free vulnerability,...
Linux Distros Unpatched Vulnerability : CVE-2026-9547
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - curl - None Ubuntu Linux - When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPT_SSH_KEYFUNCTION...
Linux Distros Unpatched Vulnerability : CVE-2026-9545
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - curl - None Ubuntu Linux - In this scenario, libcurl first uses a proper HTTP/3 server for the initial transfers, and when it makes a second...
Linux Distros Unpatched Vulnerability : CVE-2026-8932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - curl - None Ubuntu Linux - libcurl would reuse a previously created connection even when some mTLS config related option had been changed that...
Astra Linux – Vulnerability in curl
There is an improper authentication vulnerability in curl versions 7.33.0 through and including 7.82.0. This vulnerability may allow for the reuse of OAUTH2-authenticated connections without ensuring that the connection was authentically verified with the same credentials used for this transfer...
Astra Linux – Vulnerability in curl
In versions 7.7 through 7.76.1 of curl, there is an information disclosure issue when the -t command-line option, referred to as CURLOPT_TELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. This issue arises due to a flaw in the option parser for sending NEW_ENV...
Astra Linux – Vulnerability in curl
When curl is used to retrieve and parse cookies from an HTTPS server, it accepts cookies using control codes that, when sent back to an HTTP server later, may cause the server to return 400 responses. This effectively allows a “sister site” to deny service to all other sibling sites...
Astra Linux – Vulnerability in curl
When performing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread will inadvertently change them globally, and thus may also affect other concurrently running transfers. Disabling certificate verification for a specific transfer can unintentionally...
Astra Linux – Vulnerability in curl
Curl versions 7.20.0 through 7.70.0 are vulnerable to improper restrictions on the names of files and other resources, which can lead to overwriting of local files when the -J flag is used...
Astra Linux – Vulnerability in curl
Curl versions 7.62.0 through 7.70.0 are vulnerable to an information disclosure vulnerability that can result in a partial password being leaked over the network and to the DNS servers...
Astra Linux – Vulnerability in curl
curl 7.84.0 supports “chained” HTTP compression algorithms, which means that a server response can be compressed multiple times, possibly using different algorithms. The number of allowable “links” in this “decompression chain” is unlimited, allowing a malicious server to insert virtually an...
Astra Linux – Vulnerability in curl
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take ‘issuercert’ into account, and it compared the involved paths case insensitively, which could...