Homepage

curl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
CVE-2024-6197

<8.9.0-r0
  • L
CVE-2024-2004

<8.7.1-r0
  • L
CVE-2024-2398

<8.7.1-r0
  • L
CVE-2024-2466

<8.7.1-r0
  • M
Out-of-bounds Read

<8.9.0-r0
  • L
CVE-2024-2379

<8.7.1-r0
  • M
Improper Certificate Validation

<8.6.0-r0
  • M
Race Condition

<8.1.0-r0
  • H
Use After Free

<8.1.0-r0
  • M
Missing Encryption of Sensitive Data

<8.5.0-r0
  • M
Improper Authentication

<8.0.0-r0
  • M
CVE-2023-46218

<8.5.0-r0
  • H
Directory Traversal

<8.0.0-r0
  • M
Double Free

<8.0.0-r0
  • L
CVE-2023-38546

<8.4.0-r0
  • M
Improper Authentication

<8.0.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<7.88.0-r0
  • C
Out-of-bounds Write

<8.4.0-r0
  • H
Allocation of Resources Without Limits or Throttling

<8.3.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.86.0-r0
  • H
Arbitrary Code Injection

<8.0.0-r0
  • M
Out-of-bounds Write

<7.86.0-r0
  • C
Exposure of Resource to Wrong Sphere

<7.86.0-r0
  • M
Cleartext Transmission of Sensitive Information

<7.88.0-r0
  • C
Cleartext Transmission of Sensitive Information

<7.88.0-r0
  • M
Improper Authentication

<8.0.0-r0
  • M
CVE-2022-27779

<7.83.1-r0
  • M
Out-of-bounds Write

<7.84.0-r0
  • L
CVE-2023-28322

<8.1.0-r0
  • M
Improper Certificate Validation

<8.1.0-r0
  • C
Incorrect Default Permissions

<7.84.0-r0
  • H
Improper Certificate Validation

<7.83.1-r0
  • H
Use of Incorrectly-Resolved Name or Reference

<7.83.1-r0
  • M
Allocation of Resources Without Limits or Throttling

<7.84.0-r0
  • H
Missing Authentication for Critical Function

<7.83.0-r0
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<7.83.1-r0
  • H
Server-Side Request Forgery (SSRF)

<7.83.1-r0
  • M
Insufficiently Protected Credentials

<7.83.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.87.0-r0
  • L
Use of Incorrectly-Resolved Name or Reference

<7.78.0-r0
  • M
Cleartext Transmission of Sensitive Information

<7.83.1-r0
  • M
Use After Free

<7.87.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<7.84.0-r0
  • H
Out-of-bounds Write

<7.74.0-r0
  • H
CVE-2022-27775

<7.83.0-r0
  • M
Improper Validation of Integrity Check Value

<7.78.0-r0
  • H
Double Free

<7.86.0-r0
  • H
Use After Free

<7.72.0-r0
  • L
CVE-2022-35252

<7.85.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.79.0-r0
  • H
Use After Free

<7.77.0-r0
  • H
Improper Certificate Validation

<7.74.0-r0
  • L
CVE-2020-8284

<7.74.0-r0
  • H
Arbitrary Code Injection

<7.71.0-r0
  • M
Insufficiently Protected Credentials

<7.78.0-r0
  • M
Insufficient Verification of Data Authenticity

<7.79.0-r0
  • H
Out-of-bounds Read

<7.64.0-r0
  • C
Out-of-bounds Write

<7.64.0-r0
  • H
Information Exposure

<7.71.0-r0
  • L
Missing Initialization of Resource

<7.77.0-r0
  • C
Double Free

<7.79.0-r0
  • C
Out-of-bounds Write

<7.60.0-r0
  • H
Out-of-bounds Read

<7.64.0-r0
  • M
Insufficiently Protected Credentials

<7.83.0-r0
  • C
Buffer Overflow

<7.66.0-r0
  • C
Double Free

<7.66.0-r0
  • C
Use After Free

<7.62.0-r0
  • C
Out-of-bounds Read

<7.60.0-r0
  • H
NULL Pointer Dereference

<7.59.0-r0
  • M
Use of Uninitialized Resource

<7.78.0-r0
  • C
Out-of-Bounds

<7.62.0-r0
  • L
Authentication Bypass

<7.76.0-r0
  • C
Out-of-Bounds

<7.56.1-r0
  • M
Information Exposure

<7.55.0-r0
  • C
Out-of-bounds Read

<7.62.0-r0
  • M
Information Exposure

<7.76.0-r0
  • C
Integer Overflow or Wraparound

<7.61.1-r0
  • C
Out-of-bounds Read

<7.57.0-r0
  • M
Information Exposure

<7.55.0-r0
  • C
Out-of-bounds Write

<7.61.0-r0
  • L
Out-of-Bounds

<7.53.1-r2
  • L
Integer Overflow or Wraparound

<7.65.0-r0
  • C
Out-of-bounds Read

<7.59.0-r0
  • H
Out-of-bounds Write

<7.65.0-r0
  • C
Out-of-bounds Write

<7.59.0-r0
  • C
Double Free

<7.51.0-r0
  • C
Integer Overflow or Wraparound

<7.57.0-r0
  • C
Out-of-Bounds

<7.57.0-r0
  • M
Out-of-Bounds

<7.55.0-r0
  • C
Out-of-bounds Write

<7.51.0-r0
  • H
Improper Initialization

<7.52.1-r0
  • M
Credentials Management

<7.51.0-r0
  • M
Improper Certificate Validation

<7.53.0-r0
  • H
Improper Authorization

<7.50.1-r0
  • H
Resource Injection

<7.51.0-r0
  • C
Double Free

<7.51.0-r0
  • H
Use After Free

<7.50.1-r0
  • M
Cryptographic Issues

<7.36.0-r0
  • H
Improper Certificate Validation

<7.54.0-r0
  • H
Improper Authentication

<7.50.2-r0
  • H
Out-of-bounds Write

<7.51.0-r0
  • H
Use After Free

<7.51.0-r0
  • H
Improper Input Validation

<7.51.0-r0
  • C
Out-of-bounds Read

<7.51.0-r0
  • H
Improper Input Validation

<7.51.0-r0
  • M
Improper Authentication

<7.36.0-r0
  • H
Out-of-bounds Read

<7.51.0-r0
  • C
Integer Overflow or Wraparound

<7.50.3-r0
  • H
Cryptographic Issues

<7.50.1-r0