rpm package
opensuse/curl&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/curl&distro=openSUSE%20Tumbleweed
Vulnerabilities (151)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-8623 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Aug 1, 2018 | A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure. | ||
| CVE-2016-8620 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Aug 1, 2018 | The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | ||
| CVE-2016-8619 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Aug 1, 2018 | The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. | ||
| CVE-2016-8616 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Aug 1, 2018 | A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connectio | ||
| CVE-2016-8615 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Aug 1, 2018 | A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. | ||
| CVE-2016-8621 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Jul 31, 2018 | The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short. | ||
| CVE-2016-8617 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Jul 31, 2018 | The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`. | ||
| CVE-2016-8624 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Jul 31, 2018 | curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use an URL parser that | ||
| CVE-2016-8622 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Jul 31, 2018 | The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus th | ||
| CVE-2016-8618 | — | < 7.51.0-1.1 | 7.51.0-1.1 | Jul 31, 2018 | The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. | ||
| CVE-2017-2629 | — | < 7.79.1-1.1 | 7.79.1-1.1 | Jul 27, 2018 | curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none o | ||
| CVE-2017-7468 | — | < 7.79.1-1.1 | 7.79.1-1.1 | Jul 16, 2018 | In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the ol | ||
| CVE-2018-0500 | — | < 7.79.1-1.1 | 7.79.1-1.1 | Jul 11, 2018 | Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument | ||
| CVE-2018-1000301 | Cri | 9.1 | < 7.79.1-1.1 | 7.79.1-1.1 | May 24, 2018 | curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability | |
| CVE-2018-1000300 | — | < 7.79.1-1.1 | 7.79.1-1.1 | May 24, 2018 | curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command rep | ||
| CVE-2016-9594 | — | < 7.79.1-1.1 | 7.79.1-1.1 | Apr 23, 2018 | curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable. | ||
| CVE-2016-9586 | — | < 7.79.1-1.1 | 7.79.1-1.1 | Apr 23, 2018 | curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could all | ||
| CVE-2018-1000122 | — | < 7.79.1-1.1 | 7.79.1-1.1 | Mar 14, 2018 | A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage | ||
| CVE-2018-1000120 | — | < 7.79.1-1.1 | 7.79.1-1.1 | Mar 14, 2018 | A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. | ||
| CVE-2018-1000005 | — | < 7.79.1-1.1 | 7.79.1-1.1 | Jan 24, 2018 | libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The pr |
- CVE-2016-8623Aug 1, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.
- CVE-2016-8620Aug 1, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input.
- CVE-2016-8619Aug 1, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free.
- CVE-2016-8616Aug 1, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connectio
- CVE-2016-8615Aug 1, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar.
- CVE-2016-8621Jul 31, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short.
- CVE-2016-8617Jul 31, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`.
- CVE-2016-8624Jul 31, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use an URL parser that
- CVE-2016-8622Jul 31, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus th
- CVE-2016-8618Jul 31, 2018affected < 7.51.0-1.1fixed 7.51.0-1.1
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.
- CVE-2017-2629Jul 27, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none o
- CVE-2017-7468Jul 16, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the ol
- CVE-2018-0500Jul 11, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument
- affected < 7.79.1-1.1fixed 7.79.1-1.1
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability
- CVE-2018-1000300May 24, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command rep
- CVE-2016-9594Apr 23, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.
- CVE-2016-9586Apr 23, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could all
- CVE-2018-1000122Mar 14, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
- CVE-2018-1000120Mar 14, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
- CVE-2018-1000005Jan 24, 2018affected < 7.79.1-1.1fixed 7.79.1-1.1
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The pr
Page 6 of 8