Libcurl@7.10 Security Vulnerabilities and Issues — Libcurl@7.10 CVE List

Lucene search

HaxxLibcurl7.10

3 matches found

CVE•added 2017/10/06 1:29 p.m.•184 views

CVE-2017-1000254

libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the PWD command. The server then responds with a 257 response containing the path, inside double ...

7.5CVSS7.6AI score0.01688EPSS

CVE•added 2015/01/15 3:59 p.m.•125 views

CVE-2014-8150

CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.

4.3CVSS8.7AI score0.0215EPSS

CVE•added 2013/07/31 1:20 p.m.•86 views

CVE-2013-2174

Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.

6.8CVSS6.6AI score0.09235EPSS