CVE-2016-8625 |
Medium |
Yes |
Insufficient validation |
When curl is built with libidn to handle International Domain Names (IDNA), it translates them to puny code for DNS resolving using the IDNA 2003 standard,... |
CVE-2016-8624 |
Medium |
Yes |
Insufficient validation |
curl doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into... |
CVE-2016-8623 |
High |
Yes |
Arbitrary code execution |
libcurl explicitly allows users to share cookies between multiple easy handles that are concurrently employed by different threads. When cookies to be sent... |
CVE-2016-8622 |
High |
Yes |
Arbitrary code execution |
The URL percent-encoding decode function in libcurl is called curl_easy_unescape. Internally, even if this function would be made to allocate a unscape... |
CVE-2016-8621 |
Medium |
Yes |
Information disclosure |
The curl_getdate converts a given date string into a numerical timestamp and it supports a range of different formats and possibilites to express a date and... |
CVE-2016-8619 |
High |
Yes |
Arbitrary code execution |
In curl's implementation of the Kerberos authentication mechanism, the function read_data() in security.c is used to fill the necessary krb5 structures.... |
CVE-2016-8617 |
High |
Yes |
Arbitrary code execution |
In libcurl's base64 encode function, the output buffer is allocated as follows without any checks on insize: malloc( insize * 4 / 3 + 4 ) On systems with... |
CVE-2016-8616 |
Low |
Yes |
Authentication bypass |
When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an... |
CVE-2016-8615 |
Medium |
Yes |
Content spoofing |
If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies... |