Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libcurl
(Haxx)| Repositories |
• https://github.com/bagder/curl
• https://github.com/curl/curl |
| #Vulnerabilities | 61 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-11-29 | CVE-2017-8817 | The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character. | Debian_linux, Curl, Libcurl | 9.8 | ||
| 2017-11-29 | CVE-2017-8816 | The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields. | Debian_linux, Curl, Libcurl | 9.8 | ||
| 2017-10-31 | CVE-2017-1000257 | An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it... | Debian_linux, Libcurl | 9.1 | ||
| 2017-10-04 | CVE-2017-1000100 | When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious... | Libcurl | 6.5 | ||
| 2017-10-04 | CVE-2017-1000099 | When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provide callback), which could lead to other private data from the heap to get inadvertently displayed. The wrong buffer was an uninitialized memory area allocated on the heap and if it turned out to not contain any zero byte, it would continue and display the data... | Libcurl | 6.5 | ||
| 2016-10-03 | CVE-2016-7141 | curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420. | Libcurl, Leap | 7.5 | ||
| 2015-06-22 | CVE-2015-3237 | The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. | Curl, Libcurl, System_management_homepage, Enterprise_manager_ops_center, Glassfish_server | N/A | ||
| 2015-06-22 | CVE-2015-3236 | cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors. | Curl, Libcurl | N/A | ||
| 2015-05-01 | CVE-2015-3153 | The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents. | Mac_os_x, Ubuntu_linux, Debian_linux, Curl, Libcurl, Enterprise_manager_ops_center | N/A | ||
| 2015-04-24 | CVE-2015-3148 | cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Curl, Libcurl, System_management_homepage, Opensuse | N/A |