
10 matches found

SUSE CVE
added 2023/02/15 4:56 a.m. | 2 views

SUSE CVE-2016-8622

The URL percent-encoding decode function in libcurl before 7.51.0 is called curl_easy_unescape. Internally, even if this function would be made to allocate an unescape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get...

CVSS 9.8 | AI score 9.6 | EPSS 0.01878
Exploits: 0 | References: 25
Veracode
added 2019/01/15 8:55 a.m. | 21 views

Denial Of Service (DoS)

libcurl.so is susceptible to denial of service (DoS). The vulnerability exists because the curl_easy_unescape function in lib/escape.c only terminates string parsing when a zero byte is used, leading to heap corruption that can crash the application or cause arbitrary code to be executed...

CVSS 6.8 | AI score 7.7 | EPSS 0.03181
Exploits: 2 | References: 11 | Affected Software: 1
RedHat Linux
added 2018/11/13 8:36 a.m. | 2 views

curl: URL unescape heap overflow via integer truncation

The URL percent-encoding decode function in libcurl before 7.51.0 is called curl_easy_unescape. Internally, even if this function would be made to allocate an unescape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get...

CVSS 9.8 | AI score 7.4 | EPSS 0.01878
Exploits: 0 | References: 5
Veracode
added 2018/07/25 5:49 a.m. | 24 views

Denial Of Service (DoS)

libcurl.so is susceptible to denial of service (DoS). The vulnerability exists because the curl_easy_unescape function in lib/escape.c only terminates string parsing when a zero byte is used, leading to heap corruption that can crash the application or cause arbitrary code to be executed...

CVSS 6.8 | AI score 7.7 | EPSS 0.03181
Exploits: 2 | References: 10 | Affected Software: 1
NVD
added 2013/07/31 1:20 p.m. | 13 views

CVE-2013-2174

Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character...

CVSS 6.8 | AI score 7.7 | EPSS 0.03181
Exploits: 2 | References: 9
securityvulns
added 2013/07/01 12:0 a.m. | 36 views

libcurl uninitialized memory reference

Uninitialized memory access in curl_easy_unescape...

CVSS 6.8 | AI score 3.2 | EPSS 0.03181
Exploits: 2 | References: 1 | Affected Software: 1
Tenable Nessus
added 2013/06/28 12:0 a.m. | 36 views

Mandriva Linux Security Advisory : curl (MDVSA-2013:180)

A vulnerability has been discovered and corrected in curl: libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curl_easy_unescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations...

CVSS 6.8 | AI score 6.8 | EPSS 0.03181
Exploits: 2 | References: 2
OSV
added 2013/06/24 12:0 a.m. | 13 views

DSA-2713-1 curl - heap overflow

Bulletin has no description...

CVSS 6.8 | AI score 6.2 | EPSS 0.03181
Exploits: 2
curl security advisories
added 2013/06/22 8:0 a.m. | 1 views

URL decode buffer boundary flaw

libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curl_easy_unescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal number. The decoded strin...

CVSS 6.8 | AI score 6.9 | EPSS 0.03181
Exploits: 2 | Affected Software: 2
FreeBSD
added 2013/06/22 12:0 a.m. | 31 views

cURL library -- heap corruption in curl_easy_unescape

cURL developers report: libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curl_easy_unescape decodes URL-encoded strings to raw binary data. URL-encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal...

CVSS 6.8 | AI score 6.4 | EPSS 0.03181
Exploits: 2 | References: 1