Libcurl Security Vulnerabilities and Issues — Libcurl CVE List

Lucene search

HaxxLibcurl

6 matches found

CVE•added 2023/10/18 4:15 a.m.•1001 views

CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxyhandshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allowthat to resolve the address instead of it getting done by curl itself, themaximum length that host name can be is 255 bytes. If the host name is...

9.8CVSS9.4AI score0.22672EPSS

CVE•added 2023/10/18 4:15 a.m.•788 views

CVE-2023-38546

This flaw allows an attacker to insert cookies at will into a running programusing libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles"that are the individual handles for single transfers. libcurl provides a function ca...

3.7CVSS7.4AI score0.00217EPSS

CVE•added 2023/03/30 8:15 p.m.•230 views

CVE-2023-27536

An authentication bypass vulnerability exists libcurl

5.9CVSS7AI score0.00007EPSS

CVE•added 2023/03/30 8:15 p.m.•219 views

CVE-2023-27535

An authentication bypass vulnerability exists in libcurl

5.9CVSS7.3AI score0.00026EPSS

CVE•added 2023/03/30 8:15 p.m.•183 views

CVE-2023-27538

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent ...

7.7CVSS7.1AI score0.00007EPSS

CVE•added 2023/03/30 8:15 p.m.•107 views

CVE-2023-27537

A double free vulnerability exists in libcurl

5.9CVSS5.7AI score0.00053EPSS