Linux Distros Unpatched Vulnerability : CVE-2026-1965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcurl can in some circumstances reuse the wrong connection when asked to do an Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recen...

curl 安全漏洞

curl is an open source tool from cURL for transferring data from or to a server. A security vulnerability exists in curl that stems from libcurl incorrectly accepting connections to SSH hosts that are not listed in the specified knownhosts file...

Linux Distros Unpatched Vulnerability : CVE-2025-15079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present ...

RHEL 9 : curl (RHSA-2025:23125)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23125 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP,...

ALPINE-CVE-2024-6197

libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in the RHEL UBI (CVE-2023-27533)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-27533 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2023-27533 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...

curl: cookie injection with none file

A flaw was found in the Curl package. This flaw allows an attacker to insert cookies into a running program using libcurl if the specific series of conditions are met...

SUSE CVE-2016-5419

curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session...

curl: Bad connection reuse due to flawed path name checks

A flaw was found in libcurl in the way libcurl handles previously used connections without accounting for 'issuer cert' and comparing the involved paths case-insensitively. This flaw allows libcurl to use the wrong connection. The highest threat from this vulnerability is to confidentiality...

curl: Bad connection reuse due to flawed path name checks

A flaw was found in libcurl in the way libcurl handles previously used connections without accounting for 'issuer cert' and comparing the involved paths case-insensitively. This flaw allows libcurl to use the wrong connection. The highest threat from this vulnerability is to confidentiality...

curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl's multi API, and sets the CURLOPTCONNECTONLY option, might experience libcurl using the wrong connection. The highest threat from this vulnerability is to data...

CURL-CVE-2018-16890 NTLM type-2 out-of-bounds buffer read

libcurl contains a heap buffer out-of-bounds read flaw. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server...

CURL-CVE-2018-16840 use after free in handle close

libcurl contains a heap use after free flaw in code related to closing an easy handle. When closing and cleaning up an "easy" handle in the Curlclose function, the library code first frees a struct without clearing the pointer and might then subsequently erroneously write to a struct field within...

CURL-CVE-2017-8817 FTP wildcard out of bounds read

libcurl contains a read out of bounds flaw in the FTP wildcard function. libcurl's FTP wildcard matching feature, which is enabled with the CURLOPTWILDCARDMATCH option can use a built-in wildcard function or a user provided one. The built-in wildcard function has a flaw that makes it not detect t...

CURL-CVE-2017-1000257 IMAP FETCH response out of bounds read

libcurl contains a buffer overrun flaw in the IMAP handler. An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data...

UBUNTU-CVE-2016-5420

curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate...

curl: incorrect handle duplication after COPYPOSTFIELDS

A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPTCOPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory...

CURL-CVE-2014-0139 IP address wildcard certificate validation

libcurl incorrectly validates wildcard SSL certificates containing literal IP addresses. RFC 2818 covers the requirements for matching Common Names CNs and subjectAltNames in order to establish valid SSL connections. It first discusses CNs that are for hostnames, and the rules for wildcards in th...