haxx
199 tracked vulnerabilities.
CVE-2018-16840
CRITICAL
curl 7.59.0-7.61.1 - Use-After-Free in Easy Handle Cleanup
Oct 31, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-16839
MEDIUM
curl 7.33.0-7.61.1 - Denial of Service via SASL Authentication Buffer Overrun
Oct 31, 2018
CVSS 4.3
EPSS 0.06
CVE-2018-14618
HIGH
libcurl < 7.61.1 - Heap Buffer Overflow via NTLM Authentication Password Length
Sep 05, 2018
CVSS 7.5
EPSS 0.11
CVE-2018-0500
CRITICAL
curl 7.54.1-7.60.0 - Heap-Based Buffer Overflow in SMTP Data Transmission
Jul 11, 2018
CVSS 9.8
EPSS 0.06
CVE-2018-1000301
CRITICAL
curl <7.59.0 - Buffer Over-read
May 24, 2018
CVSS 9.1
EPSS 0.06
CVE-2018-1000300
CRITICAL
curl 7.54.1-7.59.0 - Heap-based Buffer Overflow via FTP Server Command Reply
May 24, 2018
CVSS 9.8
EPSS 0.05
CVE-2018-1000122
CRITICAL
curl <7.59 - Buffer Overflow
Mar 14, 2018
CVSS 9.1
EPSS 0.09
CVE-2018-1000121
HIGH
curl <7.59 - Denial of Service
Mar 14, 2018
CVSS 7.5
EPSS 0.10
CVE-2018-1000120
CRITICAL
curl <7.58.0 - Buffer Overflow
Mar 14, 2018
CVSS 9.8
EPSS 0.12
CVE-2018-1000007
CRITICAL
libcurl 7.1-7.57.0 - Authentication Data Leak via Redirect Header Handling
Jan 24, 2018
CVSS 9.8
EPSS 0.08
CVE-2018-1000005
CRITICAL
libcurl 7.49.0-7.57.0 - Out-of-bounds Read in HTTP/2 Trailer Handling
Jan 24, 2018
CVSS 9.1
EPSS 0.05
CVE-2017-2629
MEDIUM
curl < 7.53.0 - Improper TLS Certificate Validation via Status Request Extension
Jul 27, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-7468
MEDIUM
libcurl 7.52.0-7.53.1 - TLS Session Resumption with Changed Client Certificate
Jul 16, 2018
CVSS 4.8
EPSS 0.02
CVE-2017-2628
CRITICAL
curl < 7.19.7-53 - Improper Authentication
Mar 12, 2018
CVSS 9.8
EPSS 0.04
CVE-2017-8818
CRITICAL
curl and libcurl < 7.57.0 - Denial of Service via Memory Allocation Error
Nov 29, 2017
CVSS 9.8
EPSS 0.04
CVE-2017-8817
CRITICAL
curl and libcurl < 7.57.0 - Out-of-bounds Read via FTP Wildcard String
Nov 29, 2017
CVSS 9.8
EPSS 0.11
CVE-2017-8816
CRITICAL
curl and libcurl < 7.57.0 - Denial of Service via NTLM Authentication Integer Overflow
Nov 29, 2017
CVSS 9.8
EPSS 0.09
CVE-2017-1000257
CRITICAL
libcurl 7.20.0-7.55.1 - Heap-Based Buffer Over-Read via IMAP FETCH Response
Oct 31, 2017
CVSS 9.1
EPSS 0.06
CVE-2017-1000254
HIGH
libcurl - Heap Buffer Overflow via Malformed FTP PWD Response
Oct 06, 2017
CVSS 7.5
EPSS 0.08
CVE-2017-1000101
MEDIUM
curl - Heap-Based Buffer Overflow via URL Globbing Range Parsing
Oct 05, 2017
CVSS 6.5
EPSS 0.04
CVE-2017-1000100
MEDIUM
libcurl - Exposure of Sensitive Information via TFTP URL Redirect
Oct 05, 2017
CVSS 6.5
EPSS 0.04
CVE-2017-1000099
MEDIUM
libcurl - Exposure of Sensitive Information via File URL Meta-Data Feature
Oct 05, 2017
CVSS 6.5
EPSS 0.03
CVE-2017-9502
MEDIUM
curl < 7.54.1 - Heap-Based Buffer Overflow via Default Protocol Function
Jun 14, 2017
CVSS 5.3
EPSS 0.03
CVE-2017-7407
LOW
curl 7.53.1 - Heap-Based Buffer Over-Read via --write-out Argument
Apr 03, 2017
CVSS 2.4
EPSS 0.01
CVE-2016-4606
CRITICAL
curl < 7.49.1 - Remote Code Execution
Feb 21, 2020
CVSS 9.8
EPSS 0.03
Products
Quick Filters