haxx

181 tracked vulnerabilities.

CVE-2022-27775 HIGH
curl 7.65.0-7.82.0 - Information Disclosure via IPv6 Connection Reuse
Jun 02, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27774 MEDIUM
curl 4.9-7.82.0 - Credential Leak via HTTP Redirect
Jun 02, 2022
CVSS 5.7
EPSS 0.00
CVE-2022-22576 HIGH
curl 7.33.0-7.82.0 - Improper Authentication via OAUTH2 Connection Reuse
May 26, 2022
CVSS 8.1
EPSS 0.00
CVE-2021-22947 MEDIUM
curl >=7.20.0 <=7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-22946 HIGH
curl >=7.20.0-7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-22945 CRITICAL
libcurl <= 7.73.0, 7.78.0 - Use After Free
Sep 23, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-22926 HIGH
libcurl-using applications < - Info Disclosure
Aug 05, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22925 MEDIUM
curl 7.7-7.77.0 - Exposure of Sensitive Information via TELNET NEW_ENV Option Parser
Aug 05, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-22924 LOW
libcurl 7.10.4-7.76.1 - Connection Reuse via Case-Insensitive Path Matching
Aug 05, 2021
CVSS 3.7
EPSS 0.01
CVE-2021-22923 MEDIUM
curl - Metalink Feature - Auth Bypass
Aug 05, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-22922 MEDIUM
curl 7.27.0-7.77.0 - Unauthenticated Malicious Content Retention via Metalink Hash Mismatch
Aug 05, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-22901 HIGH
curl 7.75.0-7.76.1 - Use-After-Free via TLS 1.3 Session Ticket Handling
Jun 11, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-22898 LOW
curl 7.7-7.76.1 - Information Disclosure via TELNET NEW_ENV Option Parser
Jun 11, 2021
CVSS 3.1
EPSS 0.00
CVE-2021-22897 MEDIUM
curl 7.61.0-7.76.1 - Data Element Exposure via CURLOPT_SSL_CIPHER_LIST
Jun 11, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-22890 LOW
curl/libcurl 7.63.0-7.75.0 - HTTPS Proxy MITM via TLS Session Tickets
Apr 01, 2021
CVSS 3.7
EPSS 0.00
CVE-2021-22876 MEDIUM
libcurl 7.1.1-7.75.0 - Credential Leak via HTTP Referer Header
Apr 01, 2021
CVSS 5.3
EPSS 0.00
CVE-2020-19909 LOW
curl 7.65.2 - Integer Overflow via Large Retry Delay Value
Aug 22, 2023
CVSS 3.3
EPSS 0.00
CVE-2020-8286 HIGH
libcurl 7.41.0-7.73.0 - Improper Certificate Validation via OCSP Response
Dec 14, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-8285 HIGH
libcurl 7.21.0-7.73.0 - Uncontrolled Recursion via FTP Wildcard Match Parsing
Dec 14, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-8284 LOW
curl < 7.73.0 - Exposure of Sensitive Information via FTP PASV Response
Dec 14, 2020
CVSS 3.7
EPSS 0.00
CVE-2020-8231 HIGH
libcurl 7.29.0-7.71.1 - Use-After-Free via Dangling Pointer
Dec 14, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-8177 HIGH
curl 7.20.0-7.70.0 - Arbitrary File Overwrite via -J Flag
Dec 14, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-8169 HIGH
curl 7.62.0-7.70.0 - Information Disclosure via Password Leak
Dec 14, 2020
CVSS 7.5
EPSS 0.00
CVE-2019-5482 CRITICAL
cURL 7.19.4-7.65.3 - Heap-based Buffer Overflow in TFTP Protocol Handler
Sep 16, 2019
CVSS 9.8
EPSS 0.10
CVE-2019-5481 CRITICAL
curl 7.52.0-7.65.3 - Double Free in FTP-Kerberos Code
Sep 16, 2019
CVSS 9.8
EPSS 0.04
Products
curl 142 libcurl 61
Quick Filters
Critical CVEs With Exploits In CISA KEV