Search
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-9953 | 2 Haxx, Microsoft | 2 Curl, Windows Embedded Compact | 2023-12-15 | 7.5 HIGH | 9.8 CRITICAL |
| The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read. | |||||
| CVE-2020-19909 | 1 Haxx | 1 Curl | 2023-08-28 | N/A | 9.8 CRITICAL |
| ** DISPUTED ** Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error. | |||||
| CVE-2022-32207 | 1 Haxx | 1 Curl | 2022-07-15 | 7.5 HIGH | 9.8 CRITICAL |
| When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. | |||||
| CVE-2018-1000007 | 5 Canonical, Debian, Fujitsu and 2 more | 20 Ubuntu Linux, Debian Linux, M10-1 and 17 more | 2022-06-13 | 5.0 MEDIUM | 9.8 CRITICAL |
| libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request. | |||||
| CVE-2019-5482 | 6 Debian, Fedoraproject, Haxx and 3 more | 17 Debian Linux, Fedora, Curl and 14 more | 2021-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. | |||||
| CVE-2019-5481 | 1 Haxx | 1 Curl | 2020-10-20 | 7.5 HIGH | 9.8 CRITICAL |
| Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. | |||||
| CVE-2018-1000300 | 2 Canonical, Haxx | 2 Ubuntu Linux, Curl | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0. | |||||
| CVE-2018-0500 | 2 Canonical, Haxx | 2 Ubuntu Linux, Curl | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value). | |||||
| CVE-2016-4606 | 2 Apple, Haxx | 2 Mac Os X, Curl | 2020-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. | |||||
| CVE-2018-16840 | 2 Canonical, Haxx | 2 Ubuntu Linux, Curl | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct. | |||||
| CVE-2018-16839 | 3 Canonical, Debian, Haxx | 3 Ubuntu Linux, Debian Linux, Curl | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. | |||||
| CVE-2017-2628 | 2 Haxx, Redhat | 4 Curl, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only. | |||||
| CVE-2016-8619 | 1 Haxx | 1 Curl | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. | |||||
| CVE-2016-8620 | 1 Haxx | 1 Curl | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | |||||
| CVE-2018-1000301 | 5 Canonical, Debian, Haxx and 2 more | 9 Ubuntu Linux, Debian Linux, Curl and 6 more | 2019-10-03 | 6.4 MEDIUM | 9.1 CRITICAL |
| curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0. | |||||
| CVE-2018-1000122 | 5 Canonical, Debian, Haxx and 2 more | 9 Ubuntu Linux, Debian Linux, Curl and 6 more | 2019-10-03 | 6.4 MEDIUM | 9.1 CRITICAL |
| A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage | |||||
| CVE-2018-16842 | 3 Canonical, Debian, Haxx | 3 Ubuntu Linux, Debian Linux, Curl | 2019-08-06 | 6.4 MEDIUM | 9.1 CRITICAL |
| Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service. | |||||
| CVE-2018-1000120 | 5 Canonical, Debian, Haxx and 2 more | 9 Ubuntu Linux, Debian Linux, Curl and 6 more | 2019-06-18 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. | |||||
| CVE-2016-8618 | 1 Haxx | 1 Curl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. | |||||
| CVE-2017-8817 | 2 Debian, Haxx | 3 Debian Linux, Curl, Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character. | |||||
| CVE-2017-8816 | 2 Debian, Haxx | 3 Debian Linux, Curl, Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields. | |||||
| CVE-2017-8818 | 1 Haxx | 2 Curl, Libcurl | 2017-12-20 | 7.5 HIGH | 9.8 CRITICAL |
| curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library. | |||||