Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Curl
(Haxx)| Repositories |
• https://github.com/curl/curl
• https://github.com/bagder/curl |
| #Vulnerabilities | 110 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-03-12 | CVE-2016-9953 | The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read. | Curl | 9.8 | ||
| 2018-04-23 | CVE-2016-9586 | curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. | Curl | 8.1 | ||
| 2018-04-23 | CVE-2016-9594 | curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable. | Curl | 8.1 | ||
| 2018-07-31 | CVE-2016-8618 | The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. | Curl | 9.8 | ||
| 2018-07-31 | CVE-2016-8624 | curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use an URL parser that follows the RFC to check for allowed domains before using curl to request them. | Curl | 7.5 | ||
| 2018-07-31 | CVE-2016-8617 | The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`. | Curl | 7.0 | ||
| 2018-07-31 | CVE-2016-8621 | The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short. | Curl | 7.5 | ||
| 2018-08-01 | CVE-2016-8615 | A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. | Curl | 7.5 | ||
| 2018-08-01 | CVE-2016-8616 | A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version of the correct password. | Curl | 5.9 | ||
| 2018-08-01 | CVE-2016-8619 | The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. | Curl | 9.8 |