Homepage

curl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Improper Certificate Validation

<8.7.1-r0
  • H
CVE-2024-6197

<8.9.0-r0
  • L
CVE-2024-2466

<8.7.1-r0
  • L
CVE-2024-2004

<8.7.1-r0
  • M
Improper Certificate Validation

<8.6.0-r0
  • L
Missing Release of Resource after Effective Lifetime

<8.7.1-r0
  • M
Out-of-bounds Read

<8.9.0-r0
  • M
Missing Encryption of Sensitive Data

<8.5.0-r0
  • M
CVE-2023-46218

<8.5.0-r0
  • L
CVE-2023-38546

<8.4.0-r0
  • C
Out-of-bounds Write

<8.4.0-r0
  • H
Allocation of Resources Without Limits or Throttling

<8.3.0-r0
  • H
Use After Free

<8.1.0-r0
  • M
Race Condition

<8.1.0-r0
  • L
CVE-2023-28322

<8.1.0-r0
  • M
Improper Certificate Validation

<8.1.0-r0
  • M
Improper Authentication

<7.88.1-r1
  • H
Directory Traversal

<7.88.1-r1
  • H
Arbitrary Code Injection

<7.88.1-r1
  • M
Improper Authentication

<7.88.1-r1
  • M
Double Free

<7.88.1-r1
  • M
Improper Authentication

<7.88.1-r1
  • M
Cleartext Transmission of Sensitive Information

<7.87.0-r2
  • C
Cleartext Transmission of Sensitive Information

<7.87.0-r2
  • M
Allocation of Resources Without Limits or Throttling

<7.87.0-r2
  • M
Use After Free

<7.87.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.87.0-r0
  • M
Out-of-bounds Write

<7.86.0-r0
  • H
Double Free

<7.86.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.86.0-r0
  • C
Exposure of Resource to Wrong Sphere

<7.86.0-r0
  • L
CVE-2022-35252

<7.85.0-r0
  • C
Incorrect Default Permissions

<7.84.0-r0
  • M
Out-of-bounds Write

<7.84.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<7.84.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<7.84.0-r0
  • M
Cleartext Transmission of Sensitive Information

<7.83.1-r0
  • H
Improper Certificate Validation

<7.83.1-r0
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<7.83.1-r0
  • H
Server-Side Request Forgery (SSRF)

<7.83.1-r0
  • H
Use of Incorrectly-Resolved Name or Reference

<7.83.1-r0
  • M
CVE-2022-27779

<7.83.1-r0
  • H
CVE-2022-27775

<7.83.0-r0
  • M
Insufficiently Protected Credentials

<7.83.0-r0
  • M
Insufficiently Protected Credentials

<7.83.0-r0
  • H
Missing Authentication for Critical Function

<7.83.0-r0
  • C
Double Free

<7.79.0-r0
  • M
Insufficient Verification of Data Authenticity

<7.79.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.79.0-r0
  • L
Use of Incorrectly-Resolved Name or Reference

<7.78.0-r0
  • M
Improper Validation of Integrity Check Value

<7.78.0-r0
  • M
Insufficiently Protected Credentials

<7.78.0-r0
  • M
Use of Uninitialized Resource

<7.78.0-r0
  • H
Use After Free

<7.77.0-r0
  • L
Missing Initialization of Resource

<7.77.0-r0
  • L
Authentication Bypass

<7.76.0-r0
  • M
Information Exposure

<7.76.0-r0
  • L
CVE-2020-8284

<7.74.0-r0
  • H
Improper Certificate Validation

<7.74.0-r0
  • H
Out-of-bounds Write

<7.74.0-r0
  • H
Use After Free

<7.72.0-r0
  • H
Arbitrary Code Injection

<7.71.0-r0
  • H
Information Exposure

<7.71.0-r0
  • C
Buffer Overflow

<7.66.0-r0
  • C
Double Free

<7.66.0-r0
  • L
Integer Overflow or Wraparound

<7.65.0-r0
  • H
Out-of-bounds Write

<7.65.0-r0
  • H
Out-of-bounds Read

<7.64.0-r0
  • H
Out-of-bounds Read

<7.64.0-r0
  • C
Out-of-bounds Write

<7.64.0-r0
  • C
Use After Free

<7.62.0-r0
  • C
Out-of-Bounds

<7.62.0-r0
  • C
Out-of-bounds Read

<7.62.0-r0
  • C
Integer Overflow or Wraparound

<7.61.1-r0
  • C
Out-of-bounds Write

<7.61.0-r0
  • H
Improper Input Validation

<7.51.0-r0
  • H
Out-of-bounds Write

<7.51.0-r0
  • C
Double Free

<7.51.0-r0
  • C
Out-of-bounds Write

<7.51.0-r0
  • H
Use After Free

<7.51.0-r0
  • H
Out-of-bounds Read

<7.51.0-r0
  • C
Out-of-bounds Read

<7.51.0-r0
  • H
Improper Certificate Validation

<7.54.0-r0
  • H
Resource Injection

<7.51.0-r0
  • H
Improper Input Validation

<7.51.0-r0
  • C
Double Free

<7.51.0-r0
  • M
Credentials Management

<7.51.0-r0
  • M
Improper Certificate Validation

<7.53.0-r0
  • C
Out-of-bounds Write

<7.60.0-r0
  • C
Out-of-bounds Read

<7.60.0-r0
  • H
Improper Initialization

<7.52.1-r0
  • C
Out-of-bounds Read

<7.59.0-r0
  • H
NULL Pointer Dereference

<7.59.0-r0
  • C
Out-of-bounds Write

<7.59.0-r0
  • C
Out-of-bounds Read

<7.57.0-r0
  • C
Integer Overflow or Wraparound

<7.57.0-r0
  • C
Out-of-Bounds

<7.57.0-r0
  • C
Out-of-Bounds

<7.56.1-r0
  • M
Information Exposure

<7.55.0-r0
  • M
Out-of-Bounds

<7.55.0-r0
  • M
Information Exposure

<7.55.0-r0
  • L
Out-of-Bounds

<7.53.1-r2
  • C
Integer Overflow or Wraparound

<7.50.3-r0
  • H
Improper Authentication

<7.50.2-r0
  • H
Cryptographic Issues

<7.50.1-r0
  • H
Use After Free

<7.50.1-r0
  • H
Improper Authorization

<7.50.1-r0
  • M
Cryptographic Issues

<7.36.0-r0
  • M
Improper Authentication

<7.36.0-r0