VYPR

Curl

by Curl

Source repositories

CVEs (157)

  • CVE-2022-35252Sep 23, 2022
    risk 0.00cvss epss 0.02

    When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.

  • CVE-2022-32206Jul 7, 2022
    risk 0.00cvss epss 0.32

    curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to…

  • CVE-2022-32205Jul 7, 2022
    risk 0.00cvss epss 0.27

    A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create…

  • CVE-2022-32207Jul 7, 2022
    risk 0.00cvss epss 0.05

    When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the…

  • CVE-2022-32208Jul 7, 2022
    risk 0.00cvss epss 0.06

    When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.

  • CVE-2022-27776Jun 1, 2022
    risk 0.00cvss epss 0.03

    A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

  • CVE-2022-30115Jun 1, 2022
    risk 0.00cvss epss 0.01

    Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the…

  • CVE-2022-27779Jun 1, 2022
    risk 0.00cvss epss 0.02

    libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL…

  • CVE-2022-27780Jun 1, 2022
    risk 0.00cvss epss 0.02

    The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe…

  • CVE-2021-22923Aug 5, 2021
    risk 0.00cvss epss 0.02

    When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents…

  • CVE-2021-22890Apr 1, 2021
    risk 0.00cvss epss 0.03

    curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as…

  • CVE-2021-22876Apr 1, 2021
    risk 0.00cvss epss 0.05

    curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP…

  • CVE-2020-8169Dec 14, 2020
    risk 0.00cvss epss 0.03

    curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).

  • CVE-2020-8286Dec 14, 2020
    risk 0.00cvss epss 0.05

    curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

  • CVE-2016-4606Feb 21, 2020
    risk 0.00cvss epss 0.03

    Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other…

  • CVE-2019-5443Jul 2, 2019
    risk 0.00cvss epss 0.01

    A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything…

  • CVE-2019-5435May 28, 2019
    risk 0.00cvss epss 0.05

    An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.

  • CVE-2018-16842Oct 31, 2018
    risk 0.00cvss epss 0.02

    Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

  • CVE-2018-16839Oct 31, 2018
    risk 0.00cvss epss 0.06

    Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.

  • CVE-2018-16840Oct 31, 2018
    risk 0.00cvss epss 0.03

    A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and…

Page 7 of 8