Libcurl Security Vulnerabilities and Issues — Libcurl CVE List

Lucene search

HaxxLibcurl

11 matches found

CVE•added 2023/10/18 4:15 a.m.•1002 views

CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxyhandshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allowthat to resolve the address instead of it getting done by curl itself, themaximum length that host name can be is 255 bytes. If the host name is...

9.8CVSS9.4AI score0.22672EPSS

CVE•added 2019/02/06 8:29 p.m.•405 views

CVE-2019-3822

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()), generates the request HTTP header contents based on previously received data. The check that ...

9.8CVSS9.3AI score0.34384EPSS

CVE•added 2017/10/31 9:29 p.m.•358 views

CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a m...

9.1CVSS9.1AI score0.01023EPSS

CVE•added 2021/09/23 1:15 p.m.•300 views

CVE-2021-22945

When sending data to an MQTT server, libcurl

9.1CVSS8.9AI score0.00481EPSS

CVE•added 2017/11/29 6:29 p.m.•225 views

CVE-2017-8816

The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.

9.8CVSS10AI score0.00595EPSS

CVE•added 2016/10/07 2:59 p.m.•221 views

CVE-2016-7167

Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow.

9.8CVSS8AI score0.02208EPSS

CVE•added 2017/11/29 6:29 p.m.•206 views

CVE-2017-8817

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

9.8CVSS9.7AI score0.0119EPSS

CVE•added 2018/07/31 9:29 p.m.•174 views

CVE-2016-8622

The URL percent-encoding decode function in libcurl before 7.51.0 is called curl_easy_unescape. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get ei...

9.8CVSS7.8AI score0.01562EPSS

CVE•added 2018/01/24 10:29 p.m.•170 views

CVE-2018-1000005

libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the c...

9.1CVSS8.9AI score0.00356EPSS

CVE•added 2015/04/24 2:59 p.m.•96 views

CVE-2015-3144

The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "htt...

9CVSS9.3AI score0.02429EPSS

CVE•added 2017/11/29 6:29 p.m.•95 views

CVE-2017-8818

curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.

9.8CVSS9.6AI score0.00675EPSS