VYPR

Curl

by Curl

Source repositories

CVEs (157)

  • CVE-2024-2466Mar 27, 2024
    risk 0.00cvss epss 0.01

    libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely…

  • CVE-2024-2379Mar 27, 2024
    risk 0.00cvss epss 0.02

    libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.

  • CVE-2024-2398Mar 27, 2024
    risk 0.00cvss epss 0.36

    When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated…

  • CVE-2024-2004Mar 27, 2024
    risk 0.00cvss epss 0.02

    When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext…

  • CVE-2024-0853Feb 3, 2024
    risk 0.00cvss epss 0.01

    curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check.

  • CVE-2020-19909Aug 22, 2023
    risk 0.00cvss epss 0.00

    Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if,…

  • CVE-2023-28322May 26, 2023
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously…

  • CVE-2023-28320May 26, 2023
    risk 0.00cvss epss 0.03

    A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()`…

  • CVE-2023-28321May 26, 2023
    risk 0.00cvss epss 0.02

    An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one…

  • CVE-2023-28319May 26, 2023
    risk 0.00cvss epss 0.02

    A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now…

  • CVE-2023-27534Mar 30, 2023
    risk 0.00cvss epss 0.02

    A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home…

  • CVE-2023-27533Mar 30, 2023
    risk 0.00cvss epss 0.02

    A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send…

  • CVE-2023-23914Feb 23, 2023
    risk 0.00cvss epss 0.01

    A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP…

  • CVE-2023-23915Feb 23, 2023
    risk 0.00cvss epss 0.01

    A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an…

  • CVE-2023-23916Feb 23, 2023
    risk 0.00cvss epss 0.02

    An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable…

  • CVE-2022-43552Feb 9, 2023
    risk 0.00cvss epss 0.03

    A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl…

  • CVE-2022-43551Dec 23, 2022
    risk 0.00cvss epss 0.17

    A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS…

  • CVE-2022-35260Dec 5, 2022
    risk 0.00cvss epss 0.02

    curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will…

  • CVE-2022-42916Oct 29, 2022
    risk 0.00cvss epss 0.02

    In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be…

  • CVE-2022-42915Oct 29, 2022
    risk 0.00cvss epss 0.03

    curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might…

Page 6 of 8