rpm package
suse/curl-openssl1&distro=SUSE Linux Enterprise Server 11-SECURITY
pkg:rpm/suse/curl-openssl1&distro=SUSE%20Linux%20Enterprise%20Server%2011-SECURITY
Vulnerabilities (40)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-22947 | Med | 5.9 | < 7.37.0-70.74.1 | 7.37.0-70.74.1 | Sep 29, 2021 | When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached r | |
| CVE-2021-22946 | Hig | 7.5 | < 7.37.0-70.74.1 | 7.37.0-70.74.1 | Sep 29, 2021 | A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed | |
| CVE-2021-22925 | Med | 5.3 | < 7.37.0-70.71.1 | 7.37.0-70.71.1 | Aug 5, 2021 | curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized | |
| CVE-2021-22922 | Med | 6.5 | < 7.37.0-70.71.1 | 7.37.0-70.71.1 | Aug 5, 2021 | When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different | |
| CVE-2021-22924 | — | < 7.37.0-70.71.1 | 7.37.0-70.71.1 | Aug 5, 2021 | libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively | ||
| CVE-2021-22923 | — | < 7.37.0-70.71.1 | 7.37.0-70.71.1 | Aug 5, 2021 | When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents | ||
| CVE-2021-22898 | Low | 3.1 | < 7.37.0-70.63.1 | 7.37.0-70.63.1 | Jun 11, 2021 | curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could | |
| CVE-2021-22876 | — | < 7.37.0-70.60.1 | 7.37.0-70.60.1 | Apr 1, 2021 | curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP | ||
| CVE-2020-8285 | Hig | 7.5 | < 7.37.0-70.57.1 | 7.37.0-70.57.1 | Dec 14, 2020 | curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. | |
| CVE-2020-8284 | Low | 3.7 | < 7.37.0-70.57.1 | 7.37.0-70.57.1 | Dec 14, 2020 | A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanni | |
| CVE-2020-8177 | Hig | 7.8 | < 7.37.0-70.47.1 | 7.37.0-70.47.1 | Dec 14, 2020 | curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. | |
| CVE-2020-8231 | — | < 7.37.0-70.52.2 | 7.37.0-70.52.2 | Dec 14, 2020 | Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. | ||
| CVE-2019-5482 | Cri | 9.8 | < 7.37.0-70.44.1 | 7.37.0-70.44.1 | Sep 16, 2019 | Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. | |
| CVE-2019-5436 | Hig | 7.8 | < 7.37.0-70.41.2 | 7.37.0-70.41.2 | May 28, 2019 | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | |
| CVE-2018-16842 | — | < 7.37.0-70.38.1 | 7.37.0-70.38.1 | Oct 31, 2018 | Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service. | ||
| CVE-2018-16840 | — | < 7.37.0-70.38.1 | 7.37.0-70.38.1 | Oct 31, 2018 | A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and mi | ||
| CVE-2018-14618 | — | < 7.37.0-70.33.1 | 7.37.0-70.33.1 | Sep 5, 2018 | curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length va | ||
| CVE-2016-8623 | — | < 7.19.7-1.64.1 | 7.19.7-1.64.1 | Aug 1, 2018 | A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure. | ||
| CVE-2016-8620 | — | < 7.19.7-1.64.1 | 7.19.7-1.64.1 | Aug 1, 2018 | The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | ||
| CVE-2016-8619 | — | < 7.19.7-1.64.1 | 7.19.7-1.64.1 | Aug 1, 2018 | The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. |
- affected < 7.37.0-70.74.1fixed 7.37.0-70.74.1
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached r
- affected < 7.37.0-70.74.1fixed 7.37.0-70.74.1
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed
- affected < 7.37.0-70.71.1fixed 7.37.0-70.71.1
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized
- affected < 7.37.0-70.71.1fixed 7.37.0-70.71.1
When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different
- CVE-2021-22924Aug 5, 2021affected < 7.37.0-70.71.1fixed 7.37.0-70.71.1
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively
- CVE-2021-22923Aug 5, 2021affected < 7.37.0-70.71.1fixed 7.37.0-70.71.1
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents
- affected < 7.37.0-70.63.1fixed 7.37.0-70.63.1
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could
- CVE-2021-22876Apr 1, 2021affected < 7.37.0-70.60.1fixed 7.37.0-70.60.1
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP
- affected < 7.37.0-70.57.1fixed 7.37.0-70.57.1
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
- affected < 7.37.0-70.57.1fixed 7.37.0-70.57.1
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanni
- affected < 7.37.0-70.47.1fixed 7.37.0-70.47.1
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
- CVE-2020-8231Dec 14, 2020affected < 7.37.0-70.52.2fixed 7.37.0-70.52.2
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.
- affected < 7.37.0-70.44.1fixed 7.37.0-70.44.1
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
- affected < 7.37.0-70.41.2fixed 7.37.0-70.41.2
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
- CVE-2018-16842Oct 31, 2018affected < 7.37.0-70.38.1fixed 7.37.0-70.38.1
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
- CVE-2018-16840Oct 31, 2018affected < 7.37.0-70.38.1fixed 7.37.0-70.38.1
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and mi
- CVE-2018-14618Sep 5, 2018affected < 7.37.0-70.33.1fixed 7.37.0-70.33.1
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length va
- CVE-2016-8623Aug 1, 2018affected < 7.19.7-1.64.1fixed 7.19.7-1.64.1
A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.
- CVE-2016-8620Aug 1, 2018affected < 7.19.7-1.64.1fixed 7.19.7-1.64.1
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input.
- CVE-2016-8619Aug 1, 2018affected < 7.19.7-1.64.1fixed 7.19.7-1.64.1
The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free.
Page 1 of 2