Lucene search
K
HaxxLibcurl

61 matches found

cve
cve
added 2023/10/18 3:52 a.m.1136 views

CVE-2023-38545

CVE-2023-38545 is a heap-based buffer overflow in curl/libcurl during SOCKS5 proxy hostname handling. When a long host name (over 255 bytes) is passed for proxy resolution, curl may copy the full hostname into the target buffer due to a race in a slow handshake, enabling arbitrary code execution....

9.8CVSS9.4AI score0.78483EPSS
cve
cve
added 2023/10/18 3:51 a.m.905 views

CVE-2023-38546

CVE-2023-38546 affects libcurl/curl (curl_easy_duphandle path). Root cause: when duplicating an easy handle with cookies enabled, the cookie state is cloned without cookies; if source hadn’t loaded cookies from disk, the clone may load cookies from a file named none in the program’s CWD, enabling...

3.7CVSS7.4AI score0.06208EPSS
cve
cve
added 2024/07/31 8:8 a.m.696 views

CVE-2024-7264

CVE-2024-7264 affects libcurl’s ASN.1 parser (GTime2str): if parsing a syntactically incorrect Generalized Time field, the code may set the time fraction length to -1, causing strlen() to operate on a non-null-terminated heap buffer. This can cause a crash and potentially leak heap contents to th...

6.5CVSS7.3AI score0.17301EPSS
cve
cve
added 2020/12/14 7:39 p.m.560 views

CVE-2020-8286

The CVE-2020-8286 issue affects curl/libcurl where OCSP responses were not verified correctly against the certificate, leaving room for fraudulent OCSP responses to appear valid and potentially bypass revocation checks. Reported range: curl versions 7.41.0 through 7.73.0. Impact phrasing in cited...

7.5CVSS7.6AI score0.04575EPSS
cve
cve
added 2018/09/05 7:0 p.m.542 views

CVE-2018-14618

CVE-2018-14618 affects curl/libcurl NTLM authentication. The vulnerability arises from an integer overflow in Curl_ntlm_core_mk_nt_hash (32-bit size_t) that overflows when password length > 2 GB, causing heap buffer overflow due to under-allocated temporary storage. Affects curl prior to 7.61....

10CVSS9.9AI score0.11115EPSS
cve
cve
added 2019/05/28 6:47 p.m.537 views

CVE-2019-5436

CVE-2019-5436 affects curl/libcurl with a heap buffer overflow in the TFTP receiving code (tftp_receive_packet). Exploitation can lead to DoS or arbitrary code execution. Upstream fix released in curl 7.65.0; advisories from CentOS, Arch Linux, Debian, and others document the vulnerability and re...

7.8CVSS8.3AI score0.49739EPSS
cve
cve
added 2021/08/05 8:16 p.m.459 views

CVE-2021-22924

CVE-2021-22924 — libcurl connection reuse flaw : The issue arises when libcurl reuses connections from its pool without correctly accounting for the issuer certificate and with path comparisons that are case-insensitive. This can cause a transfer to use the wrong, previously opened connection. Pu...

4.3CVSS5.7AI score0.0627EPSS
cve
cve
added 2019/02/06 8:0 p.m.452 views

CVE-2019-3822

CVE-2019-3822 affects libcurl 7.36.0 through before 7.64.0. The vulnerability is a stack-based buffer overflow in the NTLM header creation path: Curl_auth_create_ntlm_type3_message() uses unsigned arithmetic to guard a local buffer, but the check is insufficient, allowing the output data to excee...

9.8CVSS9.3AI score0.12771EPSS
cve
cve
added 2021/04/01 5:45 p.m.450 views

CVE-2021-22876

The Connected documents confirm CVE-2021-22876 affects curl/libcurl 7.1.1 through 7.75.0, where libcurl fails to remove user credentials from URLs when populating the Referer header, leading to leakage of credentials to the server of the second request. The root cause is improper handling of cred...

5.3CVSS5.7AI score0.05301EPSS
cve
cve
added 2020/12/14 7:39 p.m.416 views

CVE-2020-8231

CVE-2020-8231 affects libcurl/curl: a dangling pointer could cause the library to use the wrong connection when CURLOPT_CONNECT_ONLY is set, potentially leading to information leaks. Public references in the provided connected docs show affected curl/libcurl versions ranging from 7.29.0 through 7...

7.5CVSS7.5AI score0.03721EPSS
cve
cve
added 2020/12/14 7:39 p.m.402 views

CVE-2020-8285

CVE-2020-8285 is a curl/libcurl vulnerability in the FTP wildcard match parsing. The issue triggers uncontrolled recursion leading to a stack overflow when the internal callback returns CURL_CHUNK_BGN_FUNC_SKIP repeatedly, potentially causing a crash. Affected software includes curl/libcurl from ...

7.5CVSS7.7AI score0.09917EPSS
cve
cve
added 2017/10/31 9:0 p.m.392 views

CVE-2017-1000257

CVE-2017-1000257: A heap-based buffer overrun in libcurl’s IMAP FETCH handling (zero-length data) can cause reading past the end of a heap buffer, potentially disclosing information or crashing the application. Upstream fix and downstream advisories implement version bumps to 7.56.1-1 or later; a...

9.1CVSS9.1AI score0.06224EPSS
cve
cve
added 2025/02/05 9:18 a.m.388 views

CVE-2025-0725

CVE-2025-0725 affects libcurl when performing automatic gzip decompression with CURLOPT_ACCEPT_ENCODING using zlib 1.2.0.3 or older. A attacker-controlled integer overflow can cause a buffer overflow during decompression. Connected advisories (ALAS/Amazon/Linux and Debian/CVE trackers) confirm th...

7.3CVSS7.4AI score0.01218EPSS
cve
cve
added 2021/04/01 5:46 p.m.364 views

CVE-2021-22890

CVE-2021-22890 affects curl 7.63.0 through 7.75.0. When using TLS 1.3 with an HTTPS proxy, libcurl could confuse TLS session tickets from the proxy as if they came from the remote server, potentially causing the host’s session ticket to be resumed incorrectly and bypass server certificate checks,...

4.3CVSS4.9AI score0.03141EPSS
cve
cve
added 2021/09/23 12:0 a.m.345 views

CVE-2021-22945

Summary: CVE-2021-22945 affects libcurl/curl when sending data to an MQTT server, where in some cases a pointer to freed memory could be reused and freed again. This is a memory-use-after-free/double-free issue in libcurl. What is affected: libcurl/curl (MQTT data transmission scenarios) with vul...

9.1CVSS8.9AI score0.06216EPSS
cve
cve
added 2019/02/06 8:0 p.m.288 views

CVE-2018-16890

CVE-2018-16890 affects libcurl versions 7.36.0 to before 7.64.0. The NTLM type-2 handling path (lib/vauth/ntlm.c:ntlm_decode_type2_target) fails to validate incoming data, enabling an integer overflow that an attacker could abuse to trigger a heap read out-of-bounds. Related issues in the same se...

7.5CVSS8.6AI score0.05351EPSS
cve
cve
added 2019/02/06 8:0 p.m.288 views

CVE-2019-3823

CVE-2019-3823 affects curl/libcurl from version 7.34.0 through before 7.64.0. The issue is a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtp_endofresp() isn’t NUL terminated and contains no character ending the parsed number, and len is 5, a...

7.5CVSS8.5AI score0.04286EPSS
cve
cve
added 2023/03/30 12:0 a.m.287 views

CVE-2023-27535

CVE-2023-27535 affects libcurl

5.9CVSS7.3AI score0.01607EPSS
cve
cve
added 2017/11/29 6:0 p.m.285 views

CVE-2017-8817

The CVE-2017-8817 issue is a read-out-of-bounds in libcurl’s FTP wildcard function that occurs when a path ends with an opening bracket [, affecting curl/libcurl versions earlier than 7.57.0. This can lead to a crash and potential information leakage. Amazon Linux 2 and other advisories (ALAS-201...

9.8CVSS9.7AI score0.11175EPSS
cve
cve
added 2023/03/30 12:0 a.m.276 views

CVE-2023-27536

CVE-2023-27536 affects libcurl

5.9CVSS7AI score0.01566EPSS
cve
cve
added 2017/11/29 6:0 p.m.259 views

CVE-2017-8816

CVE-2017-8816 affects curl/libcurl NTLM authentication on 32-bit platforms, enabling a denial-of-service via integer overflow and buffer overflow when handling long user/password fields. Public advisories tie this to the NTLM path and note exposure through 32-bit builds prior to curl 7.57.0. Amaz...

9.8CVSS10AI score0.08523EPSS
cve
cve
added 2016/10/07 2:0 p.m.255 views

CVE-2016-7167

CVE-2016-7167: In libcurl, four escaping/unescaping functions (curl_escape, curl_easy_escape, curl_unescape, curl_easy_unescape) allow a string length of 0xffffffff, causing integer overflows and a heap-based buffer overflow. The vulnerability affects libcurl builds predating upstream fix. Upstre...

9.8CVSS8AI score0.11737EPSS
cve
cve
added 2016/08/10 2:0 p.m.242 views

CVE-2016-5419

CVE-2016-5419 affects curl/libcurl up to 7.50.1, where TLS session resumption is allowed even if the client certificate changed. This enables a remote attacker to bypass client-certificate checks by resuming a previously established session, potentially hijacking authentication. CVE-2016-5420 and...

7.5CVSS7AI score0.15063EPSS
cve
cve
added 2016/08/10 2:0 p.m.234 views

CVE-2016-5420

CVE-2016-5420 affects curl/libcurl prior to 7.50.1, where the client certificate is not checked when reusing a TLS connection, enabling an attacker to hijack the authentication of an existing connection by leveraging a previously loaded client certificate. The related advisories confirm that this...

7.5CVSS7.1AI score0.14596EPSS
cve
cve
added 2017/10/06 1:0 p.m.215 views

CVE-2017-1000254

CVE-2017-1000254 affects curl/libcurl: FTP PWD response parsing could read beyond a heap buffer due to a parser flaw when the directory name is not properly quoted. The issue causes out-of-bounds reads and potential crashes. Patches exist in curl updates (notably fixed by 7.56.0 with improved nul...

7.5CVSS7.6AI score0.08465EPSS
cve
cve
added 2023/03/30 12:0 a.m.215 views

CVE-2023-27538

CVE-2023-27538 affects libcurl/curl (curl/libcurl) and related packages. The issue is an authentication bypass in libcurl prior to v8.0.0 where a previously established SSH connection could be reused despite an SSH option change, due to two SSH settings being omitted from the configuration match,...

7.7CVSS7.1AI score0.01162EPSS
cve
cve
added 2014/11/18 3:0 p.m.214 views

CVE-2014-3613

CVE-2014-3613 involves curl/libcurl before 7.38.0 failing to properly validate IP addresses in cookie domain names, enabling a remote attacker to set cookies for, or send cookies to, unintended sites (as demonstrated by 192.168.0.1 cookies affecting 127.168.0.1). The issue is documented across mu...

5CVSS9.3AI score0.07432EPSS
cve
cve
added 2016/08/10 2:0 p.m.210 views

CVE-2016-5421

CVE-2016-5421 is a use-after-free in libcurl up to version 7.50.0 that can affect which connection is used or cause unspecified impact via unknown vectors. Public notes in ALAS-2016-730 (curl) indicate the issue affects curl/libcurl before 7.50.1 and that patches upgrade to 7.50.1 or newer; remed...

8.1CVSS7.4AI score0.08037EPSS
cve
cve
added 2017/10/04 1:0 a.m.207 views

CVE-2017-1000100

CVE-2017-1000100 is a curl/libcurl vulnerability with concrete details across connected docs: an information-disclosure and potential DoS via TFTP long-file-name handling, and a flawed FTP PWD parsing path. Arch Linux advisories ASA-201710-3/4/5/6 specify vulnerable lib32-curl, lib32-libcurl-gnut...

6.5CVSS6.8AI score0.03958EPSS
cve
cve
added 2018/01/24 10:0 p.m.204 views

CVE-2018-1000005

CVE-2018-1000005 affects libcurl 7.49.0 through 7.57.0, due to an out-of-bounds read when handling HTTP/2 trailers. Reading a trailer could corrupt future trailers, leading to a crash or potential information disclosure; the issue arises from mis-updated math after changing the header creation to...

9.1CVSS8.9AI score0.04556EPSS
cve
cve
added 2018/07/31 9:0 p.m.202 views

CVE-2016-8622

CVE-2016-8622 affects curl/libcurl’s URL percent-encoding decode path. The curl_easy_unescape function may allocate a destination buffer larger than 2 GB but store the result length in a signed 32‑bit int, causing length truncation or negative values. This can lead to writing outside the heap. Pu...

9.8CVSS7.8AI score0.0467EPSS
cve
cve
added 2016/10/03 9:0 p.m.200 views

CVE-2016-7141

CVE-2016-7141 affects curl/libcurl up to version 7.50.1 (before 7.50.2) when built with NSS and the libnsspem.so runtime library is available. The root issue is TLS client certificate reuse: a previously loaded client certificate from file could be reused for a new TLS connection that has no cert...

7.5CVSS7.2AI score0.08404EPSS
cve
cve
added 2024/07/24 7:29 a.m.185 views

CVE-2024-6197

CVE-2024-6197 affects libcurl’s ASN.1 parser (utf8asn1str) where freeing a 4-byte local stack buffer on error can corrupt nearby stack memory depending on the malloc implementation; outcome most often is a crash, with remote exploitation not detailed in the provided documents. Connected sources c...

7.5CVSS6.4AI score0.04296EPSS
cve
cve
added 2024/07/24 7:36 a.m.179 views

CVE-2024-6874

CVE-2024-6874 affects libcurl’s URL API function curl_url_get() when built with the macidn IDN backend. If the input name is exactly 256 bytes, the function may read past a stack-based buffer, and when the conversion fills the provided buffer, it does not null-terminate the string, potentially ca...

4.3CVSS6.6AI score0.00786EPSS
cve
cve
added 2014/11/15 8:0 p.m.177 views

CVE-2014-3707

CVE-2014-3707 affects libcurl/curl prior to a non-vulnerable build when using CURLOPT_COPYPOSTFIELDS, where curl_easy_duphandle incorrectly copies HTTP POST data, causing an out-of-bounds read. Affected products/versions cited in the documents include libcurl/curl 7.17.1 through 7.38.0, enabling ...

4.3CVSS9.2AI score0.05121EPSS
cve
cve
added 2014/02/02 12:0 a.m.165 views

CVE-2014-0015

The CVE-2014-0015 issue affects curl/libcurl 7.10.6–7.34.0, where NTLM connections are reused when multiple authentication methods are enabled, potentially allowing a context-dependent attacker to authenticate as another user via a request. The F5 advisory family (e.g., K15862) mirrors this vulne...

4CVSS6.2AI score0.05599EPSS
cve
cve
added 2015/04/24 2:0 p.m.164 views

CVE-2015-3143

The connected documents provide concrete details for CVE-2015-3143: in curl and libcurl, versions 7.10.6 through 7.41.0 failed to properly re-use NTLM connections, enabling a remote attacker to connect as another user via an unauthenticated request (NTLM/Negotiate authentication interaction). Thi...

5CVSS7.3AI score0.16222EPSS
cve
cve
added 2015/01/15 3:0 p.m.157 views

CVE-2014-8150

CVE-2014-8150 is a CRLF injection flaw in libcurl 6.0–7.x prior to 7.40.0. When using an HTTP proxy, an attacker can inject arbitrary HTTP headers and trigger HTTP response splitting via CRLF sequences in the URL. The vulnerability is demonstrated in the public description: it affects libcurl and...

4.3CVSS8.7AI score0.0681EPSS
cve
cve
added 2015/04/24 2:0 p.m.154 views

CVE-2015-3148

CVE-2015-3148 affects curl and libcurl (versions 7.10.6 through 7.41.0). The issue is improper reuse of authenticated Negotiate connections, which could allow a remote attacker to perform requests as another user by manipulating a connection during a request. The connected sources corroborate the...

5CVSS9.1AI score0.17942EPSS
cve
cve
added 2014/04/15 2:0 p.m.147 views

CVE-2014-0138

Technical details about CVE-2014-0138 are not provided in the supplied documents. The connected sources discuss related CVEs and curl issues, but do not specify affected products, versions, root cause, impact, or fixes for this CVE.

6.4CVSS6.3AI score0.0508EPSS
cve
cve
added 2014/04/15 2:0 p.m.145 views

CVE-2014-0139

CVE-2014-0139 affects curl/libcurl up to version 7.36.0 when using TLS with OpenSSL, axtls, qsossl or gskit. The vulnerability arises from how the hostname validation handles wildcard characters in the certificate’s Common Name (CN); a crafted certificate could allow MITM spoofing of SSL servers....

5.8CVSS5.2AI score0.04888EPSS
cve
cve
added 2014/11/18 3:0 p.m.144 views

CVE-2014-3620

The provided connected sources confirm CVE-2014-3620: cURL/libcURL could allow a remote attacker to bypass security restrictions by setting cookies for Top Level Domains (TLDs). Affected are curl/libcurl prior to the fix; the issue enables a cookie to be set for a TLD (for example ".me."), and th...

5CVSS7.1AI score0.04876EPSS
cve
cve
added 2013/07/31 10:0 a.m.142 views

CVE-2013-2174

CVE-2013-2174 : A heap-based buffer overflow in curl_easy_unescape() (lib/escape.c) in curl/libcurl, affecting 7.7–7.30.0, can cause remote crashes or arbitrary code execution via a crafted string ending in “%”. Connected IBM PSIRTs/IMM advisories corroborate the issue and map affected IMM firmwa...

6.8CVSS6.6AI score0.11118EPSS
cve
cve
added 2015/05/01 3:0 p.m.140 views

CVE-2015-3153

Technical details for CVE-2015-3153 are not provided in the connected documents. Monitor for updates; the available material only includes the initial summary of impact without vendor/product specifics.

5CVSS8.2AI score0.07538EPSS
cve
cve
added 2023/03/30 12:0 a.m.136 views

CVE-2023-27537

CVE-2023-27537 is a double‑free vulnerability in libcurl

5.9CVSS5.7AI score0.01856EPSS
cve
cve
added 2015/04/24 2:0 p.m.134 views

CVE-2015-3145

CVE-2015-3145 affects curl/libcurl 7.31.0 through 7.41.0. The sanitize_cookie_path function can miscompute an index, enabling a remote attacker to cause a denial of service via an out-of-bounds write when the cookie path consists only of a double-quote character. Connected sources corroborate the...

7.5CVSS9.4AI score0.3763EPSS
cve
cve
added 2015/06/22 7:0 p.m.134 views

CVE-2015-3237

The CVE-2015-3237 issue affects curl/libcurl 7.40.0–7.42.1. In the smb_request_state() handler, two length and offset values parsed from network data are used without proper boundary checks, enabling a remote SMB server to read memory contents or trigger a crash. Impacts include information discl...

6.4CVSS8.1AI score0.09334EPSS
cve
cve
added 2013/04/29 10:0 p.m.127 views

CVE-2013-1944

CVE-2013-1944 is the tailMatch cookie handling flaw in curl/curl/libcurl where the tailMatch function in cookie.c does not correctly match path domains, allowing cookie leakage via suffix matches in URLs. Affected are curl and libcurl versions before 7.30.0. Multiple connected advisories (e.g., M...

5CVSS9.1AI score0.04986EPSS
cve
cve
added 2017/10/04 1:0 a.m.125 views

CVE-2017-1000099

CVE-2017-1000099 is an information-disclosure flaw in curl/libcurl prior to 7.55.0. When retrieving a file from a file:// URL, libcurl could output metadata with HTTP-like headers by sending the wrong, uninitialized heap buffer to stdout/provide callback, potentially displaying private heap data....

6.5CVSS6.6AI score0.03075EPSS
cve
cve
added 2015/04/24 2:0 p.m.120 views

CVE-2015-3144

CVE-2015-3144 affects curl and libcurl; the fix_hostname function can miscalculate an index, enabling out-of-bounds read/write via a zero-length host name (examples: http://:80 and :80.), leading to denial of service (crash) and potentially other impacts. Public documents consistently describe th...

9CVSS9.3AI score0.11027EPSS
Total number of security vulnerabilities61