VYPR

Curl

by Curl

CVEs (157)

  • CVE-2016-8624 | Med | Jul 31, 2018
    risk 0.35 | cvss 5.3 | epss 0.06

    curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use a URL parser…

  • CVE-2017-9502 | Med | Jun 14, 2017
    risk 0.35 | cvss 5.3 | epss 0.03

    In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based…

  • CVE-2016-3739 | Med | May 20, 2016
    risk 0.35 | cvss 5.3 | epss 0.06

    The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) polarssl_connect_step1 function in lib/vtls/polarssl.c in cURL and libcurl before 7.49.0, when using SSLv3 or making a TLS connection to a URL that uses a numerical IP address, allow remote attackers to spoof…

  • CVE-2016-0754 | Med | Jan 29, 2016
    risk 0.35 | cvss 5.3 | epss 0.01

    cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.

  • CVE-2023-46219 | Med | Dec 12, 2023
    risk 0.34 | cvss 5.3 | epss 0.01

    When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.

  • CVE-2026-6253 | Med | May 13, 2026
    risk 0.31 | cvss 5.9 | epss 0.01

    curl might erroneously pass on credentials for a first proxy to a second proxy. This can happen when the following conditions are true: 1. curl is set up to use specific different proxies for different URL schemes 2. the first proxy needs credentials 3. the second proxy uses no…

  • CVE-2026-4873 | Med | May 13, 2026
    risk 0.31 | cvss 5.9 | epss 0.00

    A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text (via IMAP, SMTP, or POP3), a subsequent request to that same host bypasses the TLS…

  • CVE-2021-22947 | Med | Sep 29, 2021
    risk 0.31 | cvss 5.9 | epss 0.03

    When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached…

  • CVE-2016-8625 | Med | Aug 1, 2018
    risk 0.28 | cvss 5.3 | epss 0.04

    curl before version 7.51.0 uses the outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.

  • CVE-2016-8619 | Med | Aug 1, 2018
    risk 0.28 | cvss 5.3 | epss 0.05

    The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free.

  • CVE-2017-2629 | Med | Jul 27, 2018
    risk 0.28 | cvss 4.3 | epss 0.01

    curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none…

  • CVE-2026-7168 | Med | May 13, 2026
    risk 0.27 | cvss 5.3 | epss 0.00

    Successfully using libcurl to do a transfer over a specific HTTP proxy (`proxyA`) with **Digest** authentication and then changing the proxy host to a second one (`proxyB`) for a second transfer, reusing the same handle, makes libcurl wrongly pass on the `Proxy-Authorization:`…

  • CVE-2026-7009 | Med | May 13, 2026
    risk 0.27 | cvss 5.3 | epss 0.00

    When curl is told to use the Certificate Status Request TLS extension, often referred to as *OCSP stapling*, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly considers the response as fine.

  • CVE-2026-6429 | Med | May 13, 2026
    risk 0.27 | cvss 5.3 | epss 0.01

    When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances.

  • CVE-2021-22925 | Med | Aug 5, 2021
    risk 0.27 | cvss 5.3 | epss 0.05

    curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending `NEW_ENV` variables, libcurl could be made to pass on uninitialized…

  • CVE-2023-38546 | Low | Oct 18, 2023
    risk 0.24 | cvss 3.7 | epss 0.06

    This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. …

  • CVE-2020-8284 | Low | Dec 14, 2020
    risk 0.24 | cvss 3.7 | epss 0.04

    A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port…

  • CVE-2016-8623 | Low | Aug 1, 2018
    risk 0.22 | cvss 3.3 | epss 0.03

    A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.

  • CVE-2025-10966 | Med | Nov 7, 2025
    risk 0.21 | cvss 4.3 | epss 0.00

    curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more.

  • CVE-2016-8617 | Low | Jul 31, 2018
    risk 0.21 | cvss 3.3 | epss 0.01

    The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`.
