Libcurl Security Vulnerabilities and Issues — Libcurl CVE List

Lucene search

HaxxLibcurl

6 matches found

CVE•added 2023/10/18 4:15 a.m.•1055 views

CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxyhandshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allowthat to resolve the address instead of it getting done by curl itself, themaximum length that host name can be is 255 bytes. If the host name is...

9.8CVSS9.4AI score0.22222EPSS

CVE•added 2023/10/18 4:15 a.m.•837 views

CVE-2023-38546

This flaw allows an attacker to insert cookies at will into a running programusing libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles"that are the individual handles for single transfers. libcurl provides a function ca...

3.7CVSS7.4AI score0.00211EPSS

CVE•added 2023/03/30 8:15 p.m.•242 views

CVE-2023-27536

An authentication bypass vulnerability exists libcurl

5.9CVSS7AI score0.0001EPSS

CVE•added 2023/03/30 8:15 p.m.•229 views

CVE-2023-27535

An authentication bypass vulnerability exists in libcurl

5.9CVSS7.3AI score0.00045EPSS

CVE•added 2023/03/30 8:15 p.m.•190 views

CVE-2023-27538

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent ...

7.7CVSS7.1AI score0.0001EPSS

CVE•added 2023/03/30 8:15 p.m.•108 views

CVE-2023-27537

A double free vulnerability exists in libcurl

5.9CVSS5.7AI score0.00105EPSS