26 matches found

Veracode
added 2024/07/30 9:26 a.m. | 20 views

Out-of-Bounds Read

libcurl.so is vulnerable to an Out-of-Bounds Read. The vulnerability is due to a flaw in the URL API function curl_url_get when using the macidn IDN backend. It arises from the function filling the provided buffer exactly without null-terminating the string. Attackers can exploit this to read stack...

CVSS 4.3 | AI score 6.5 | EPSS 0.0099
Exploits: 1 | References: 6 | Affected Software: 2

Veracode
added 2024/07/30 8:52 a.m. | 23 views

Stack-based Buffer Overflow

libcurl.so is vulnerable to a Stack-based Buffer Overflow. The vulnerability is due to improper handling of memory in the utf8asn1str function, which invokes the free function on a 4-byte local stack buffer when detecting an invalid field. Attackers can exploit this flaw to overwrite nearby stack...

CVSS 7.5 | AI score 6.5 | EPSS 0.01302
Exploits: 1 | References: 7 | Affected Software: 2

Veracode
added 2024/01/19 7:58 a.m. | 19 views

Use After Free

libcurl.so is vulnerable to Use After Free. The vulnerability is due to improper freeing of an easy handle within the Curl_close function. The application frees the struct without setting the pointer to NULL. The usage of previously freed memory could lead to data corruption or a crash ...

CVSS 9.8 | AI score 6.8 | EPSS 0.0029
Exploits: 0 | References: 8 | Affected Software: 1

Veracode
added 2023/07/28 12:50 p.m. | 64 views

Race Condition

libcurl.so is vulnerable to a Race Condition. The library is susceptible to a TOCTOU race condition when it saves cookies, HSTS, and alt-svc data to a file. A victim might use the data for an intended purpose, but an attacker may overwrite the protected file...

AI score 6.8
Exploits: 0 | References: 5 | Affected Software: 2

Veracode
added 2023/06/04 10:55 a.m. | 42 views

Use After Free

libcurl.so is vulnerable to Use After Free. Even when the CURLOPT_POSTFIELDS option is enabled, libcurl may mistakenly use the read callback CURLOPT_READFUNCTION while performing HTTPS transfers to request data to send. The application might misbehave and send the incorrect data or use memory that ...

CVSS 3.7 | AI score 6.8 | EPSS 0.00631
Exploits: 1 | References: 17 | Affected Software: 3

Veracode
added 2021/07/05 7:20 a.m. | 35 views

Authentication Bypass

libcurl.so is vulnerable to authentication bypass. Insecure re-use of NTLM-authenticated proxy connections allows an attacker to authenticate as other users via a malicious request...

CVSS 7.3 | AI score 6.1 | EPSS 0.00346
Exploits: 1 | References: 19 | Affected Software: 2

Veracode
added 2021/07/05 7:11 a.m. | 31 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service. A buffer overrun in the SASL authentication code allows an attacker to crash the application...

CVSS 9.8 | AI score 3.8 | EPSS 0.00346
Exploits: 0 | References: 10 | Affected Software: 2

Veracode
added 2021/07/05 6:41 a.m. | 21 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service. A heap-based buffer overflow when setting protocol given a URL without a scheme part allows an attacker to cause a denial of service condition in the application...

CVSS 5.3 | AI score 4.2 | EPSS 0.00552
Exploits: 0 | References: 5 | Affected Software: 2

Veracode
added 2021/06/14 7:53 a.m. | 29 views

Insecure TLS Configuration

libcurl.so uses an insecure TLS configuration. The selected cipher set was stored in a single "static" variable in the library, and due to an error in code, the last cipher that is set would control the set used by all transfers...

CVSS 5.3 | AI score 2.9 | EPSS 0.00791
Exploits: 1 | References: 8 | Affected Software: 1

Veracode
added 2019/06/10 3:14 a.m. | 23 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service. A heap-based buffer overflow occurs when closing an FTP connection with long server command reply, allowing a remote attacker to crash the process and potentially execute arbitrary code...

CVSS 9.8 | AI score 9.5 | EPSS 0.00926
Exploits: 0 | References: 9 | Affected Software: 2

Veracode
added 2019/02/08 3:4 a.m. | 27 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service (DoS). The library does not correctly check input data, allowing an attacker or compromised NTLM server to perform out-of-bounds buffer reading by providing a bad length + offset combination as input...

CVSS 7.5 | AI score 8.3 | EPSS 0.01204
Exploits: 0 | References: 15 | Affected Software: 2

Veracode
added 2019/02/07 9:4 a.m. | 27 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service (DoS). The vulnerability is possible because the library does not properly handle the end-of-response for SMTP, leading to an out-of-bounds read if the strtol function is called. Therefore, it causes reading beyond the allocated buffer...

CVSS 7.5 | AI score 8.1 | EPSS 0.01568
Exploits: 1 | References: 13 | Affected Software: 5

Veracode
added 2019/01/15 9:14 a.m. | 32 views

TLS Session Resumption Client Certificate Bypass

libcurl.so is vulnerable to TLS session resumption client certificate bypass attacks. The vulnerability exists in Curl_clone_ssl_config of lib/vtls/vtls.c where libcurl.so does not prevent TLS session resumption if the client certificate has been replaced...

CVSS 7.5 | AI score 7.6 | EPSS 0.01912
Exploits: 0 | References: 27 | Affected Software: 4

Veracode
added 2019/01/15 8:55 a.m. | 20 views

Denial Of Service (DoS)

libcurl.so is susceptible to denial of service (DoS). The vulnerability exists because the curl_easy_unescape function in lib/escape.c only terminates string parsing when a zero byte is used, leading to heap corruption that can crash the application or cause arbitrary code to be executed...

CVSS 6.8 | AI score 7.7 | EPSS 0.03181
Exploits: 2 | References: 11 | Affected Software: 1

Veracode
added 2018/08/13 5:40 p.m. | 24 views

Improper Validation

libcurl.so is vulnerable to improper validation. The library does not properly verify the server's name in a certificate when establishing a TLS connection, causing the certificate verifications to be performed...

CVSS 4 | AI score 8.3 | EPSS 0.00245
Exploits: 1 | References: 14 | Affected Software: 1

Veracode
added 2018/08/13 3:10 a.m. | 29 views

Reusable NTLM Connections

libcurl.so is vulnerable to reusable NTLM connections. The vulnerability exists due to the improper checks of the NTLM state when checking if a connection exists, allowing reusable NTLM connections...

CVSS 5 | AI score 8.3 | EPSS 0.04659
Exploits: 1 | References: 25 | Affected Software: 2

Veracode
added 2018/08/13 2:40 a.m. | 22 views

Information Disclosure

libcurl.so is vulnerable to information disclosure. HTTP headers are sent to both proxy and destination servers. This can lead to confidential information such as basic authorization headers containing user credentials being exposed to remote proxy servers...

CVSS 5 | AI score 8.8 | EPSS 0.08372
Exploits: 0 | References: 15 | Affected Software: 1

Veracode
added 2018/08/02 9:30 a.m. | 177 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service (DoS). The vulnerability is due to a flaw in the 'globbing' feature, which causes an integer overflow and out-of-bounds read when given malicious input...

CVSS 9.8 | AI score 8.8 | EPSS 0.00881
Exploits: 0 | References: 8 | Affected Software: 5

Veracode
added 2018/08/02 9:4 a.m. | 24 views

Unauthorized Requests

libcurl.so is vulnerable to unauthorized requests. The library uses outdated IDNA standards when handling domain names, allowing a user to transfer network requests to the wrong host...

CVSS 7.5 | AI score 8.3 | EPSS 0.01671
Exploits: 0 | References: 13 | Affected Software: 5

Veracode
added 2018/08/02 6:56 a.m. | 27 views

Remote Security Bypass

libcurl.so is vulnerable to remote security bypass attacks. The vulnerability exists due to a flaw in which passwords are compared case-insensitively, such that an attacker with the correct case-insensitive password would be authorized...

CVSS 5.9 | AI score 7.5 | EPSS 0.04507
Exploits: 0 | References: 10 | Affected Software: 5