haxx
199 tracked vulnerabilities.
CVE-2016-8625
MEDIUM
curl < 7.51.0 - Unauthenticated Host Spoofing via Outdated IDNA 2003 Standard
Aug 01, 2018
CVSS 5.3
EPSS 0.04
CVE-2016-8623
LOW
curl < 7.51.0 - Use-After-Free in Cookie Handling
Aug 01, 2018
CVSS 3.3
EPSS 0.03
CVE-2016-8620
MEDIUM
curl < 7.51.0 - Integer Overflow via Globbing Feature
Aug 01, 2018
CVSS 6.5
EPSS 0.04
CVE-2016-8619
MEDIUM
curl < 7.51.0 - Use-After-Free in read_data()
Aug 01, 2018
CVSS 5.3
EPSS 0.05
CVE-2016-8616
LOW
curl < 7.51.0 - Authentication Bypass via Case-Insensitive Credential Reuse
Aug 01, 2018
CVSS 3.7
EPSS 0.03
CVE-2016-8615
MEDIUM
curl < 7.51.0 - Cookie Injection via Cookie Jar File
Aug 01, 2018
CVSS 5.3
EPSS 0.04
CVE-2016-8621
MEDIUM
curl < 7.51.0 - Out-of-bounds Read in curl_getdate
Jul 31, 2018
CVSS 5.3
EPSS 0.05
CVE-2016-8617
LOW
curl < 7.51.0 - Out-of-bounds Write via Base64 Encode Function
Jul 31, 2018
CVSS 3.3
EPSS 0.01
CVE-2016-8624
MEDIUM
curl < 7.51.0 - URL Authority Parsing Flaw via Hostname Ending with '#'
Jul 31, 2018
CVSS 5.3
EPSS 0.06
CVE-2016-8622
LOW
libcurl < 7.51.0 - Integer Overflow in URL Percent-Encoding Decode Function
Jul 31, 2018
CVSS 3.7
EPSS 0.05
CVE-2016-8618
MEDIUM
curl < 7.51.0 - Use-After-Free via Unsafe size_t Multiplication in curl_maprintf()
Jul 31, 2018
CVSS 5.3
EPSS 0.05
CVE-2016-9594
MEDIUM
curl < 7.52.1 - Improper Initialization in Random Value Generation
Apr 23, 2018
CVSS 6.5
EPSS 0.03
CVE-2016-9586
MEDIUM
curl < 7.52.0 - Buffer Overflow via Large Floating Point Output in printf Implementation
Apr 23, 2018
CVSS 5.9
EPSS 0.05
CVE-2016-9953
CRITICAL
curl 7.30.0-7.51.0 - Out-of-bounds Read via Wildcard Certificate Name
Mar 12, 2018
CVSS 9.8
EPSS 0.02
CVE-2016-9952
HIGH
curl 7.30.0-7.51.0 - Improper Certificate Validation via Wildcard SAN in schannel TLS Backend
Mar 12, 2018
CVSS 8.1
EPSS 0.01
CVE-2016-7167
CRITICAL
Fedora < 7.50.2 - Integer Overflow
Oct 07, 2016
CVSS 9.8
EPSS 0.12
CVE-2016-7141
HIGH
Opensuse Leap < 7.50.1 - Authentication Bypass
Oct 03, 2016
CVSS 7.5
EPSS 0.08
CVE-2016-5421
HIGH
Opensuse Leap < 7.50.0 - Use After Free
Aug 10, 2016
CVSS 8.1
EPSS 0.08
CVE-2016-5420
HIGH
Debian Linux < 7.50.0 - Improper Authorization
Aug 10, 2016
CVSS 7.5
EPSS 0.15
CVE-2016-5419
HIGH
libcurl < 7.50.1 - TLS Session Resumption Bypass via Changed Client Certificate
Aug 10, 2016
CVSS 7.5
EPSS 0.15
CVE-2016-4802
HIGH
curl < 7.49.1 - Untrusted Search Path Vulnerability via DLL Hijacking
Jun 24, 2016
CVSS 7.8
EPSS 0.01
CVE-2016-3739
MEDIUM
curl < 7.49.0 - Server Spoofing via Arbitrary Valid Certificate
May 20, 2016
CVSS 5.3
EPSS 0.06
CVE-2016-0755
HIGH
curl < 7.47.0 - Improper Authentication via NTLM Proxy Connection Reuse
Jan 29, 2016
CVSS 7.3
EPSS 0.09
CVE-2016-0754
MEDIUM
curl < 7.46.0 - Arbitrary File Write via Colon in Remote File Name
Jan 29, 2016
CVSS 5.3
EPSS 0.01
CVE-2015-3237
cURL & libcurl <7.43 - Info Disclosure/DoS
Jun 22, 2015
EPSS 0.09
Products
Quick Filters