haxx

199 tracked vulnerabilities.

CVE-2018-16840 CRITICAL
curl 7.59.0-7.61.1 - Use-After-Free in Easy Handle Cleanup
Oct 31, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-16839 MEDIUM
curl 7.33.0-7.61.1 - Denial of Service via SASL Authentication Buffer Overrun
Oct 31, 2018
CVSS 4.3
EPSS 0.06
CVE-2018-14618 HIGH
libcurl < 7.61.1 - Heap Buffer Overflow via NTLM Authentication Password Length
Sep 05, 2018
CVSS 7.5
EPSS 0.11
CVE-2018-0500 CRITICAL
curl 7.54.1-7.60.0 - Heap-Based Buffer Overflow in SMTP Data Transmission
Jul 11, 2018
CVSS 9.8
EPSS 0.06
CVE-2018-1000301 CRITICAL
curl <7.59.0 - Buffer Over-read
May 24, 2018
CVSS 9.1
EPSS 0.06
CVE-2018-1000300 CRITICAL
curl 7.54.1-7.59.0 - Heap-based Buffer Overflow via FTP Server Command Reply
May 24, 2018
CVSS 9.8
EPSS 0.05
CVE-2018-1000122 CRITICAL
curl <7.59 - Buffer Overflow
Mar 14, 2018
CVSS 9.1
EPSS 0.09
CVE-2018-1000121 HIGH
curl <7.59 - Denial of Service
Mar 14, 2018
CVSS 7.5
EPSS 0.10
CVE-2018-1000120 CRITICAL
curl <7.58.0 - Buffer Overflow
Mar 14, 2018
CVSS 9.8
EPSS 0.12
CVE-2018-1000007 CRITICAL
libcurl 7.1-7.57.0 - Authentication Data Leak via Redirect Header Handling
Jan 24, 2018
CVSS 9.8
EPSS 0.08
CVE-2018-1000005 CRITICAL
libcurl 7.49.0-7.57.0 - Out-of-bounds Read in HTTP/2 Trailer Handling
Jan 24, 2018
CVSS 9.1
EPSS 0.05
CVE-2017-2629 MEDIUM
curl < 7.53.0 - Improper TLS Certificate Validation via Status Request Extension
Jul 27, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-7468 MEDIUM
libcurl 7.52.0-7.53.1 - TLS Session Resumption with Changed Client Certificate
Jul 16, 2018
CVSS 4.8
EPSS 0.02
CVE-2017-2628 CRITICAL
curl < 7.19.7-53 - Improper Authentication
Mar 12, 2018
CVSS 9.8
EPSS 0.04
CVE-2017-8818 CRITICAL
curl and libcurl < 7.57.0 - Denial of Service via Memory Allocation Error
Nov 29, 2017
CVSS 9.8
EPSS 0.04
CVE-2017-8817 CRITICAL
curl and libcurl < 7.57.0 - Out-of-bounds Read via FTP Wildcard String
Nov 29, 2017
CVSS 9.8
EPSS 0.11
CVE-2017-8816 CRITICAL
curl and libcurl < 7.57.0 - Denial of Service via NTLM Authentication Integer Overflow
Nov 29, 2017
CVSS 9.8
EPSS 0.09
CVE-2017-1000257 CRITICAL
libcurl 7.20.0-7.55.1 - Heap-Based Buffer Over-Read via IMAP FETCH Response
Oct 31, 2017
CVSS 9.1
EPSS 0.06
CVE-2017-1000254 HIGH
libcurl - Heap Buffer Overflow via Malformed FTP PWD Response
Oct 06, 2017
CVSS 7.5
EPSS 0.08
CVE-2017-1000101 MEDIUM
curl - Heap-Based Buffer Overflow via URL Globbing Range Parsing
Oct 05, 2017
CVSS 6.5
EPSS 0.04
CVE-2017-1000100 MEDIUM
libcurl - Exposure of Sensitive Information via TFTP URL Redirect
Oct 05, 2017
CVSS 6.5
EPSS 0.04
CVE-2017-1000099 MEDIUM
libcurl - Exposure of Sensitive Information via File URL Meta-Data Feature
Oct 05, 2017
CVSS 6.5
EPSS 0.03
CVE-2017-9502 MEDIUM
curl < 7.54.1 - Heap-Based Buffer Overflow via Default Protocol Function
Jun 14, 2017
CVSS 5.3
EPSS 0.03
CVE-2017-7407 LOW
curl 7.53.1 - Heap-Based Buffer Over-Read via --write-out Argument
Apr 03, 2017
CVSS 2.4
EPSS 0.01
CVE-2016-4606 CRITICAL
curl < 7.49.1 - Remote Code Execution
Feb 21, 2020
CVSS 9.8
EPSS 0.03