Curl Security Vulnerabilities and Issues — Curl CVE List

Lucene search

HaxxCurl

10 matches found

CVE•added 2022/10/29 8:15 p.m.•264 views

CVE-2022-42915

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTT...

8.1CVSS8.9AI score0.00751EPSS

CVE•added 2023/03/30 8:15 p.m.•262 views

CVE-2023-27534

A path traversal vulnerability exists in curl

8.8CVSS8.8AI score0.001EPSS

CVE•added 2022/05/26 5:15 p.m.•248 views

CVE-2022-22576

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols:...

8.1CVSS8AI score0.00296EPSS

CVE•added 2021/06/11 4:15 p.m.•220 views

CVE-2021-22901

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. Wh...

8.1CVSS8.2AI score0.00272EPSS

CVE•added 2023/03/30 8:15 p.m.•205 views

CVE-2023-27533

A vulnerability in input validation exists in curl

8.8CVSS8.8AI score0.00098EPSS

CVE•added 2018/04/23 6:29 p.m.•195 views

CVE-2016-9586

curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.

8.1CVSS7.8AI score0.00687EPSS

CVE•added 2022/06/02 2:15 p.m.•192 views

CVE-2022-27778

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error.

8.1CVSS7.8AI score0.00539EPSS

CVE•added 2018/04/23 7:29 p.m.•92 views

CVE-2016-9594

curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.

8.1CVSS7.5AI score0.00953EPSS

CVE•added 2018/03/12 9:29 p.m.•68 views

CVE-2016-9952

The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com....

8.1CVSS7.6AI score0.01059EPSS

CVE•added 2005/05/02 4:0 a.m.•56 views

CVE-2005-0490

Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm funct...

8.8CVSS9.1AI score0.02576EPSS