26 matches found
Memory Leak
libcurl.so is vulnerable to memory leak. The attack is possible due to performing sizet multiplication in curlmaprintf on systems using 32 bit causing a double free error.This vulnerability cannot be triggered if there is no publicly exposed function or if 64 bit sizet types are used...
Denial Of Service (DoS)
libcurl.so is susceptible to denial of serviceDoS. The vulnerability exists because the curleasyunescape function in lib/escape.c only terminates string parsing when a zero byte is used, leading to heap corruption that can crash the application or cause arbitrary code to be executed...
TLS Session Resumption Client Certificate Bypass
libcurl.so is vulnerable to TLS session resumption client certificate bypass attacks. The vulnerability exists in Curlclonesslconfig of lib/vtls/vtls.c where libcurl.so does not prevent the TLS session resumption if the client certificate has been replaced...
Denial Of Service (DoS)
libcurl.so is vulnerable to denial of service DoS attacks. The library does not properly handle LDAP URLs, allowing a malicious user to cause a null pointer dereference, crashing the application...
Denial Of Service (DoS) Through Integer Overflow
libcurl.so is vulnerable to denial of service DoS through an integer overflow. The vulnerability exists in NTLM authentication code where long user and password fields are not handled properly, crashing the application through a buffer overflow...
Denial Of Service (DoS) Through Heap Buffer Overflow
libcurl.so is vulnerable to denial of service DoS through heap-based buffer overflow attacks. The vulnerability exists in setcharset of lib/curlfnmatch.c where using the default pattern matching function could cause a read beyond the end of the string if the match pattern ends with an open bracke...