haxx

181 tracked vulnerabilities.

CVE-2017-1000254 HIGH
libcurl - Heap Buffer Overflow via Malformed FTP PWD Response
Oct 06, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-1000101 MEDIUM
curl - Heap-Based Buffer Overflow via URL Globbing Range Parsing
Oct 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-1000100 MEDIUM
libcurl - Exposure of Sensitive Information via TFTP URL Redirect
Oct 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-1000099 MEDIUM
libcurl - Exposure of Sensitive Information via File URL Meta-Data Feature
Oct 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-9502 MEDIUM
curl < 7.54.1 - Heap-Based Buffer Overflow via Default Protocol Function
Jun 14, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-7407 LOW
curl 7.53.1 - Heap-Based Buffer Over-Read via --write-out Argument
Apr 03, 2017
CVSS 2.4
EPSS 0.00
CVE-2016-4606 CRITICAL
curl < 7.49.1 - Remote Code Execution
Feb 21, 2020
CVSS 9.8
EPSS 0.02
CVE-2016-8625 MEDIUM
curl < 7.51.0 - Unauthenticated Host Spoofing via Outdated IDNA 2003 Standard
Aug 01, 2018
CVSS 5.3
EPSS 0.02
CVE-2016-8623 LOW
curl < 7.51.0 - Use-After-Free in Cookie Handling
Aug 01, 2018
CVSS 3.3
EPSS 0.01
CVE-2016-8620 MEDIUM
curl < 7.51.0 - Integer Overflow via Globbing Feature
Aug 01, 2018
CVSS 6.5
EPSS 0.01
CVE-2016-8619 MEDIUM
curl < 7.51.0 - Use-After-Free in read_data()
Aug 01, 2018
CVSS 5.3
EPSS 0.03
CVE-2016-8616 LOW
curl < 7.51.0 - Authentication Bypass via Case-Insensitive Credential Reuse
Aug 01, 2018
CVSS 3.7
EPSS 0.04
CVE-2016-8615 MEDIUM
curl < 7.51.0 - Cookie Injection via Cookie Jar File
Aug 01, 2018
CVSS 5.3
EPSS 0.04
CVE-2016-8621 MEDIUM
curl < 7.51.0 - Out-of-bounds Read in curl_getdate
Jul 31, 2018
CVSS 5.3
EPSS 0.03
CVE-2016-8617 LOW
curl < 7.51.0 - Out-of-bounds Write via Base64 Encode Function
Jul 31, 2018
CVSS 3.3
EPSS 0.00
CVE-2016-8624 MEDIUM
curl < 7.51.0 - URL Authority Parsing Flaw via Hostname Ending with '#'
Jul 31, 2018
CVSS 5.3
EPSS 0.01
CVE-2016-8622 LOW
libcurl < 7.51.0 - Integer Overflow in URL Percent-Encoding Decode Function
Jul 31, 2018
CVSS 3.7
EPSS 0.02
CVE-2016-8618 MEDIUM
curl < 7.51.0 - Use-After-Free via Unsafe size_t Multiplication in curl_maprintf()
Jul 31, 2018
CVSS 5.3
EPSS 0.02
CVE-2016-9594 MEDIUM
curl < 7.52.1 - Improper Initialization in Random Value Generation
Apr 23, 2018
CVSS 6.5
EPSS 0.01
CVE-2016-9586 MEDIUM
curl < 7.52.0 - Buffer Overflow via Large Floating Point Output in printf Implementation
Apr 23, 2018
CVSS 5.9
EPSS 0.01
CVE-2016-9953 CRITICAL
curl 7.30.0-7.51.0 - Out-of-bounds Read via Wildcard Certificate Name
Mar 12, 2018
CVSS 9.8
EPSS 0.01
CVE-2016-9952 HIGH
curl 7.30.0-7.51.0 - Improper Certificate Validation via Wildcard SAN in schannel TLS Backend
Mar 12, 2018
CVSS 8.1
EPSS 0.01
CVE-2016-7167 CRITICAL
Fedora < 7.50.2 - Integer Overflow
Oct 07, 2016
CVSS 9.8
EPSS 0.02
CVE-2016-7141 HIGH
Opensuse Leap < 7.50.1 - Authentication Bypass
Oct 03, 2016
CVSS 7.5
EPSS 0.01
CVE-2016-5421 HIGH
Opensuse Leap < 7.50.0 - Use After Free
Aug 10, 2016
CVSS 8.1
EPSS 0.01
Products
curl 142 libcurl 61
Quick Filters
Critical CVEs With Exploits In CISA KEV