U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:haxx:curl:7.56.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 41 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2021-22925

curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.

Published: August 05, 2021; 5:15:11 PM -0400
V4.0:(not available)
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2021-22923

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened.

Published: August 05, 2021; 5:15:11 PM -0400
V4.0:(not available)
V3.1: 5.3 MEDIUM
V2.0: 2.6 LOW
CVE-2021-22922

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.

Published: August 05, 2021; 5:15:11 PM -0400
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-22898

curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.

Published: June 11, 2021; 12:15:11 PM -0400
V4.0:(not available)
V3.1: 3.1 LOW
V2.0: 2.6 LOW
CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.

Published: December 14, 2020; 3:15:13 PM -0500
V4.0:(not available)
V3.1: 3.7 LOW
V2.0: 4.3 MEDIUM
CVE-2020-8177

curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

Published: December 14, 2020; 3:15:13 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2019-5482

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Published: September 16, 2019; 3:15:10 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-5481

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

Published: September 16, 2019; 3:15:10 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-5443

A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants.

Published: July 02, 2019; 3:15:10 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 4.4 MEDIUM
CVE-2018-16842

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

Published: October 31, 2018; 3:29:00 PM -0400
V4.0:(not available)
V3.0: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2018-16839

Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.

Published: October 31, 2018; 2:29:00 PM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-0500

Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).

Published: July 11, 2018; 9:29:00 AM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-1000301

curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.

Published: May 24, 2018; 9:29:01 AM -0400
V4.0:(not available)
V3.0: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2018-1000300

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.

Published: May 24, 2018; 9:29:01 AM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-1000122

A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage

Published: March 14, 2018; 2:29:00 PM -0400
V4.0:(not available)
V3.0: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2018-1000121

A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service

Published: March 14, 2018; 2:29:00 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-1000120

A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.

Published: March 14, 2018; 2:29:00 PM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-1000007

libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.

Published: January 24, 2018; 5:29:00 PM -0500
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0: 5.0 MEDIUM
CVE-2017-8818

curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.

Published: November 29, 2017; 1:29:00 PM -0500
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-8817

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Published: November 29, 2017; 1:29:00 PM -0500
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH