curl

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description command line tool and library for transferring data with URLs
Version 8.6.0-3 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2845 8.3.0-1 8.4.0-1 High Fixed
AVG-2817 7.83.1-1 7.84.0-1 Unknown Fixed
AVG-2771 7.83.1-1 7.84.0-1 Medium Fixed
AVG-2706 7.83.0-1 7.83.1-1 Medium Fixed
AVG-2685 7.82.0-3 7.83.0-1 Medium Fixed
AVG-2384 7.78.0-1 7.79.0-1 High Fixed
AVG-2194 7.77.0-1 7.78.0-1 Medium Fixed
AVG-2016 7.76.1-1 7.77.0-1 Low Not affected
AVG-1995 7.76.1-1 7.77.0-1 High Fixed
AVG-1982 7.65.3-1 7.66.0-1 Medium Fixed
AVG-1753 7.75.0-1 7.76.0-1 High Fixed
AVG-1337 7.73.0-1 7.74.0-1 Medium Fixed
AVG-1194 7.70.0-1 7.71.0-1 High Fixed
AVG-964 7.64.1-2 7.65.0-1 High Fixed
AVG-873 7.63.0-4 7.64.0-1 High Fixed
AVG-795 7.61.1-3 7.62.0-1 High Fixed
AVG-729 7.60.0-1 7.61.0-1 High Fixed
AVG-694 7.59.0-2 7.60.0-1 Critical Fixed
AVG-653 7.58.0-2 7.59.0-1 Medium Fixed
AVG-593 7.57.0-1 7.58.0-1 Medium Fixed
AVG-527 7.56.1-1 7.57.0-1 High Not affected
AVG-524 7.56.1-1 7.57.0-1 Medium Fixed
AVG-467 7.56.0-1 7.56.1-1 Medium Fixed
AVG-422 7.55.1-1 7.56.0-1 Low Fixed
AVG-370 7.54.1-2 7.55-1 Medium Fixed
AVG-241 7.53.1-2 7.54.0-1 Medium Fixed
AVG-179 7.52.1-2 7.53.0-1 Low Fixed
AVG-112 7.51.0-1 7.52.1-1 Medium Fixed FS#52247
AVG-60 7.50.3-1 7.51.0-1 High Fixed
AVG-20 7.50.2-1 7.50.3-1 Low Fixed
Issue Group Severity Remote Type Description
CVE-2023-38546 AVG-2845 Low Yes Content spoofing
A logic flaw has been found in cURL before 8.4.0, which allows an attacker to insert cookies at will into a running program using libcurl, if the specific...
CVE-2023-38545 AVG-2845 High Yes Arbitrary code execution
A heap-based buffer overflow has been found in the SOCKS5 proxy handshake component of cURL before 8.4.0.
CVE-2022-32208 AVG-2817 Unknown Unknown Unknown Unknown
CVE-2022-32207 AVG-2817 Unknown Unknown Unknown Unknown
CVE-2022-32206 AVG-2817 Unknown Unknown Unknown Unknown
CVE-2022-32205 AVG-2771 Medium Yes Denial of service
A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl stores all of them. A sufficiently large amount of...
CVE-2022-30115 AVG-2706 Medium No Information disclosure
A vulnerability was found in curl. This issue occurs because when using its HTTP Strict Transport Security(HSTS) support, it can instruct curl to use HTTPS...
CVE-2022-27782 AVG-2706 Medium Unknown Unknown
libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. libcurl keeps...
CVE-2022-27781 AVG-2706 Low Unknown Unknown
libcurl provides the `CURLOPT_CERTINFO` option to allow applications to request details to be returned about a TLS server's certificate chain. Due to an...
CVE-2022-27780 AVG-2706 Medium Unknown Unknown
The curl URL parser wrongly accepts percent-encoded URL separators like '/' when decoding the host name part of a URL, making it a *different* URL using the...
CVE-2022-27779 AVG-2706 Medium Unknown Unknown
libcurl wrongly allows HTTP cookies to be set for Top Level Domains (TLDs) if the host name is provided with a trailing dot. This can allow arbitrary sites...
CVE-2022-27778 AVG-2706 Medium Unknown Unknown
If curl adds a number to not "clobber" the output and an error occurs during transfer, the remove on error logic would remove the *original* file name...
CVE-2022-27776 AVG-2685 Low No Insufficient validation
curl might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
CVE-2022-27775 AVG-2685 Low No Information disclosure
flaws in libcurl's connection pool could lead to exposure of sensitive information to an unauthorized actor
CVE-2022-27774 AVG-2685 Medium No Information disclosure
curl leaks credentials to other servers when it follows redirects from auth protected HTTP(S) URLs to other protocols and port numbers. It could also leak...
CVE-2022-22576 AVG-2685 Medium Yes Authentication bypass
libcurl might reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for...
CVE-2021-22947 AVG-2384 Medium Yes Man-in-the-middle
A STARTTLS protocol injection flaw via man-in-the-middle was found in curl before 7.79.0. When curl connects to an IMAP, POP3, SMTP or FTP server to...
CVE-2021-22946 AVG-2384 Medium Yes Silent downgrade
A security issue was found in curl before 7.79.0. A user can tell curl to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server...
CVE-2021-22945 AVG-2384 High Yes Arbitrary code execution
A use-after-free security issue has been found in the MQTT sending component of curl before 7.79.0. When sending data to an MQTT server, libcurl could in...
CVE-2021-22925 AVG-2194 Medium Yes Information disclosure
A security issue has been found in curl before version 7.78.0. curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This...
CVE-2021-22924 AVG-2194 Medium Yes Insufficient validation
A security issue has been found in curl before version 7.78.0. libcurl keeps previously used connections in a connection pool for subsequent transfers to...
CVE-2021-22923 AVG-2194 Medium Yes Information disclosure
A security issue has been found in curl before version 7.78.0 When curl is instructed to get content using the metalink feature, and a user name and...
CVE-2021-22922 AVG-2194 Medium Yes Insufficient validation
A security issue has been found in curl before version 7.78.0. When curl is instructed to download content using the metalink feature, the contents is...
CVE-2021-22901 AVG-1995 High Yes Arbitrary code execution
libcurl before version 7.77.0 can be tricked into using already freed memory when a new TLS session is negotiated or a client certificate is requested on an...
CVE-2021-22898 AVG-1995 Medium Yes Information disclosure
A security issue has been found in curl before version 7.77.0. curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This...
CVE-2021-22897 AVG-2016 Low Yes Incorrect calculation
A security issue has been found in curl before version 7.77.0. libcurl lets applictions specify which specific TLS ciphers to use in transfers, using the...
CVE-2021-22890 AVG-1753 High Yes Authentication bypass
Enabled by default, libcurl supports the use of TLS 1.3 session tickets to resume previous TLS sessions to speed up subsequent TLS handshakes.  When using a...
CVE-2021-22876 AVG-1753 Medium Yes Information disclosure
libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and...
CVE-2020-8286 AVG-1337 Medium Yes Certificate verification bypass
A security issue was found in curl versions 7.41.0 up to and including 7.73.0. libcurl offers "OCSP stapling" via the CURLOPT_SSL_VERIFYSTATUS option. When...
CVE-2020-8285 AVG-1337 Medium Yes Denial of service
A security issue was found in curl versions 7.21.0 up to and including 7.73.0. libcurl offers a wildcard matching functionality, which allows a callback...
CVE-2020-8284 AVG-1337 Low Yes Information disclosure
A security issue was found in curl versions 4.0 up to and including 7.73.0. When curl performs a passive FTP transfer, it first tries the EPSV command and...
CVE-2020-8177 AVG-1194 High Yes Arbitrary file overwrite
An issue has been found in curl from 7.20.0 upto and including 7.70.0, which can be tricked by a malicious server to overwrite a local file when using -J...
CVE-2020-8169 AVG-1194 Medium Yes Information disclosure
An issue has been found in libcurl  from7.62.0 up to and including 7.70.0, which can be tricked to prepend a part of the password to the host name before it...
CVE-2019-5482 AVG-1982 Medium Yes Arbitrary code execution
libcurl contains a heap buffer overflow in the function (tftp_receive_packet()) that receives data from a TFTP server. It can call recvfrom() with the...
CVE-2019-5481 AVG-1982 Low Yes Denial of service
libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPT_KRBLEVEL option. During such kerberos FTP data transfer, the server sends...
CVE-2019-5436 AVG-964 High Yes Arbitrary code execution
libcurl before 7.65.0 contains a heap buffer overflow in the function (tftp_receive_packet()) that receives data from a TFTP server. It calls recvfrom()...
CVE-2019-3823 AVG-873 High Yes Arbitrary code execution
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer...
CVE-2019-3822 AVG-873 High Yes Arbitrary code execution
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header...
CVE-2018-1000301 AVG-694 Medium Yes Denial of service
curl >= 7.20.0 and < 7.60.0 can be tricked into reading data beyond the end of a heap based buffer used to store downloaded content. When servers send RTSP...
CVE-2018-1000300 AVG-694 Critical Yes Arbitrary code execution
curl >= 7.54.1 and < 7.60.0 might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies. When doing...
CVE-2018-1000122 AVG-653 Medium Yes Information disclosure
A buffer over-read exists in curl >= 7.20.0 and < 7.59.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information...
CVE-2018-1000121 AVG-653 Medium Yes Denial of service
A NULL pointer dereference exists in the LDAP code of curl >= 7.21.0 and < curl 7.59.0, allowing an attacker to cause a denial of service. libcurl-using...
CVE-2018-1000120 AVG-653 Medium Yes Denial of service
It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP...
CVE-2018-1000007 AVG-593 Medium Yes Information disclosure
libcurl might leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first...
CVE-2018-1000005 AVG-593 Medium Yes Denial of service
libcurl contains an out bounds read in code handling HTTP/2 trailers. It was reported that reading an HTTP/2 trailer could mess up future trailers since the...
CVE-2018-16890 AVG-873 Medium Yes Arbitrary code execution
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages...
CVE-2018-16842 AVG-795 Medium Yes Information disclosure
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information...
CVE-2018-16840 AVG-795 High Yes Arbitrary code execution
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up...
CVE-2018-0500 AVG-729 High Yes Arbitrary code execution
It has been discovered that curl before 7.61.0 might overflow a heap based memory buffer when sending data over SMTP and using a reduced read buffer.  When...
CVE-2017-1000257 AVG-467 Medium Yes Information disclosure
A heap buffer overrun flaw was found in the IMAP handler of libcurl >= 7.20.0 and < 7.56.1. An IMAP FETCH response line indicates the size of the returned...
CVE-2017-1000254 AVG-422 Low Yes Denial of service
When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the `PWD` command. The...
CVE-2017-1000101 AVG-370 Low No Information disclosure
A heap-based read buffer overflow has been found in curl < 7.55.0. In the globbing function that parses the numerical range, there was an omission that made...
CVE-2017-1000100 AVG-370 Medium Yes Information disclosure
An information disclosure issue has been found in curl < 7.55.0. When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file...
CVE-2017-1000099 AVG-370 Low No Information disclosure
An information disclosure issue has been found in curl < 7.55.0. When asking to get a file from a file:// URL, libcurl provides a feature that outputs...
CVE-2017-8818 AVG-527 High Yes Arbitrary code execution
An out-of-bounds flaw has been found in the SSL related code of libcurl >= 7.56.0 and < 7.57.0. When allocating memory for a connection (the internal struct...
CVE-2017-8817 AVG-524 Medium Yes Information disclosure
A read out of bounds flaw has been found in the FTP wildcard function of libcurl >= 7.21.0 and < 7.57.0. libcurl's FTP wildcard matching feature, which is...
CVE-2017-8816 AVG-527 High Yes Arbitrary code execution
A buffer overrun flaw has been found in libcurl > 7.15.4 and < 7.57.0, in the NTLM authentication code. The internal function...
CVE-2017-7468 AVG-241 Medium Yes Certificate verification bypass
libcurl from 7.52.0 to and including 7.53.1 would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a...
CVE-2017-2629 AVG-179 Low Yes Insufficient validation
A coding error has been found in curl >= 7.52.0 and < 7.53.0, causing the TLS Certificate Status Request extension check to always return true. curl and...
CVE-2016-9594 AVG-112 Medium Yes Incorrect calculation
libcurl's (new) internal function that returns a good 32bit random value was implemented poorly and overwrote the pointer instead of writing the value into...
CVE-2016-9586 AVG-112 Medium Yes Arbitrary code execution
libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion...
CVE-2016-8625 AVG-60 Medium Yes Insufficient validation
When curl is built with libidn to handle International Domain Names (IDNA), it translates them to puny code for DNS resolving using the IDNA 2003 standard,...
CVE-2016-8624 AVG-60 Medium Yes Insufficient validation
curl doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into...
CVE-2016-8623 AVG-60 High Yes Arbitrary code execution
libcurl explicitly allows users to share cookies between multiple easy handles that are concurrently employed by different threads. When cookies to be sent...
CVE-2016-8622 AVG-60 High Yes Arbitrary code execution
The URL percent-encoding decode function in libcurl is called curl_easy_unescape. Internally, even if this function would be made to allocate a unscape...
CVE-2016-8621 AVG-60 Medium Yes Information disclosure
The curl_getdate converts a given date string into a numerical timestamp and it supports a range of different formats and possibilites to express a date and...
CVE-2016-8620 AVG-60 High No Arbitrary code execution
The curl tool's "globbing" feature allows a user to specify a numerical range through which curl will iterate. It is typically specified as [1-5],...
CVE-2016-8619 AVG-60 High Yes Arbitrary code execution
In curl's implementation of the Kerberos authentication mechanism, the function read_data() in security.c is used to fill the necessary krb5 structures....
CVE-2016-8617 AVG-60 High Yes Arbitrary code execution
In libcurl's base64 encode function, the output buffer is allocated as follows without any checks on insize:  malloc( insize * 4 / 3 + 4 ) On systems with...
CVE-2016-8616 AVG-60 Low Yes Authentication bypass
When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections.  This means that if an...
CVE-2016-8615 AVG-60 Medium Yes Content spoofing
If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies...
CVE-2016-7167 AVG-20 Low Yes Denial of service
The four libcurl functions curl_escape(), curl_easy_escape(), curl_unescape and curl_easy_unescape perform string URL percent escaping and unescaping. They...

Advisories

Date Advisory Group Severity Type
21 Jul 2021 ASA-202107-59 AVG-2194 Medium multiple issues
01 Jun 2021 ASA-202106-4 AVG-1995 High multiple issues
31 May 2019 ASA-201905-16 AVG-964 High arbitrary code execution
12 Feb 2019 ASA-201902-9 AVG-873 High arbitrary code execution
06 Nov 2018 ASA-201811-4 AVG-795 High multiple issues
16 Jul 2018 ASA-201807-10 AVG-729 High arbitrary code execution
17 May 2018 ASA-201805-13 AVG-694 Critical multiple issues
19 Mar 2018 ASA-201803-15 AVG-653 Medium multiple issues
28 Jan 2018 ASA-201801-20 AVG-593 Medium multiple issues
02 Nov 2017 ASA-201711-6 AVG-467 Medium information disclosure
30 Nov 2017 ASA-201711-33 AVG-524 Medium information disclosure
05 Oct 2017 ASA-201710-2 AVG-422 Low denial of service
22 Aug 2017 ASA-201708-16 AVG-370 Medium information disclosure
29 Apr 2017 ASA-201704-12 AVG-241 Medium certificate verification bypass
03 Mar 2017 ASA-201703-1 AVG-179 Low insufficient validation
27 Dec 2016 ASA-201612-22 AVG-112 Medium multiple issues
03 Nov 2016 ASA-201611-7 AVG-60 High multiple issues
20 Sep 2016 ASA-201609-19 AVG-20 Low denial of service