haxx
199 tracked vulnerabilities.
CVE-2021-22925
MEDIUM
curl 7.7-7.77.0 - Exposure of Sensitive Information via TELNET NEW_ENV Option Parser
Aug 05, 2021
CVSS 5.3
EPSS 0.05
CVE-2021-22924
LOW
libcurl 7.10.4-7.76.1 - Connection Reuse via Case-Insensitive Path Matching
Aug 05, 2021
CVSS 3.7
EPSS 0.06
CVE-2021-22923
MEDIUM
curl - Metalink Feature - Auth Bypass
Aug 05, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-22922
MEDIUM
curl 7.27.0-7.77.0 - Unauthenticated Malicious Content Retention via Metalink Hash Mismatch
Aug 05, 2021
CVSS 6.5
EPSS 0.04
CVE-2021-22901
HIGH
curl 7.75.0-7.76.1 - Use-After-Free via TLS 1.3 Session Ticket Handling
Jun 11, 2021
CVSS 8.1
EPSS 0.60
CVE-2021-22898
LOW
curl 7.7-7.76.1 - Information Disclosure via TELNET NEW_ENV Option Parser
Jun 11, 2021
CVSS 3.1
EPSS 0.04
CVE-2021-22897
MEDIUM
curl 7.61.0-7.76.1 - Data Element Exposure via CURLOPT_SSL_CIPHER_LIST
Jun 11, 2021
CVSS 5.3
EPSS 0.03
CVE-2021-22890
LOW
curl/libcurl 7.63.0-7.75.0 - HTTPS Proxy MITM via TLS Session Tickets
Apr 01, 2021
CVSS 3.7
EPSS 0.03
CVE-2021-22876
MEDIUM
libcurl 7.1.1-7.75.0 - Credential Leak via HTTP Referer Header
Apr 01, 2021
CVSS 5.3
EPSS 0.05
CVE-2020-19909
LOW
curl 7.65.2 - Integer Overflow via Large Retry Delay Value
Aug 22, 2023
CVSS 3.3
EPSS 0.00
CVE-2020-8286
HIGH
libcurl 7.41.0-7.73.0 - Improper Certificate Validation via OCSP Response
Dec 14, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-8285
HIGH
libcurl 7.21.0-7.73.0 - Uncontrolled Recursion via FTP Wildcard Match Parsing
Dec 14, 2020
CVSS 7.5
EPSS 0.10
CVE-2020-8284
LOW
curl < 7.73.0 - Exposure of Sensitive Information via FTP PASV Response
Dec 14, 2020
CVSS 3.7
EPSS 0.04
CVE-2020-8231
HIGH
libcurl 7.29.0-7.71.1 - Use-After-Free via Dangling Pointer
Dec 14, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-8177
HIGH
curl 7.20.0-7.70.0 - Arbitrary File Overwrite via -J Flag
Dec 14, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-8169
HIGH
curl 7.62.0-7.70.0 - Information Disclosure via Password Leak
Dec 14, 2020
CVSS 7.5
EPSS 0.03
CVE-2019-5482
CRITICAL
cURL 7.19.4-7.65.3 - Heap-based Buffer Overflow in TFTP Protocol Handler
Sep 16, 2019
CVSS 9.8
EPSS 0.18
CVE-2019-5481
CRITICAL
curl 7.52.0-7.65.3 - Double Free in FTP-Kerberos Code
Sep 16, 2019
CVSS 9.8
EPSS 0.07
CVE-2019-5443
HIGH
curl <= 7.65.1 - Uncontrolled Search Path Element via OpenSSL Engine Config
Jul 02, 2019
CVSS 7.8
EPSS 0.01
CVE-2019-5436
HIGH
libcurl 7.19.4-7.64.1 - Heap-based Buffer Overflow in TFTP Receiving Code
May 28, 2019
CVSS 7.8
EPSS 0.50
CVE-2019-5435
LOW
curl 7.62.0-7.64.1 - Integer Overflow Buffer Overflow in URL API
May 28, 2019
CVSS 3.7
EPSS 0.05
CVE-2019-3823
MEDIUM
libcurl 7.34.0-7.63.0 - Heap Out-of-Bounds Read in SMTP Response Handler
Feb 06, 2019
CVSS 4.3
EPSS 0.04
CVE-2019-3822
CRITICAL
libcurl 7.36.0-7.63.0 - Stack-based Buffer Overflow in NTLM Type-3 Header Generation
Feb 06, 2019
CVSS 9.8
EPSS 0.13
CVE-2018-16890
HIGH
libcurl <7.64.0 - Memory Corruption
Feb 06, 2019
CVSS 7.5
EPSS 0.05
CVE-2018-16842
MEDIUM
curl 7.14.1-7.61.1 - Heap-Based Buffer Over-Read in voutf
Oct 31, 2018
CVSS 4.4
EPSS 0.02
Products
Quick Filters