Curl Security Vulnerabilities and Issues — Curl CVE List

Lucene search

Daniel StenbergCurl

3 matches found

CVE•added 2005/12/08 1:3 a.m.•66 views

CVE-2005-4077

Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to ...

4.6CVSS9.2AI score0.00266EPSS

CVE•added 2006/03/21 1:6 a.m.•37 views

CVE-2006-1061

Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path.

7.5CVSS7.6AI score0.03827EPSS

CVE•added 2001/01/22 5:0 a.m.•28 views

CVE-2000-0973

Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.

10CVSS8.2AI score0.09974EPSS