curl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L CVE-2024-9681	<8.11.0-r0
L CVE-2024-8096	<8.10.0-r0
M Out-of-bounds Read	<8.9.1-r0
M Out-of-bounds Read	<8.9.0-r0
H CVE-2024-6197	<8.9.0-r0
M Missing Encryption of Sensitive Data	<8.5.0-r0
L CVE-2024-2398	<8.7.1-r0
M CVE-2023-46218	<8.5.0-r0
L CVE-2024-2004	<8.7.1-r0
L CVE-2024-2466	<8.7.1-r0
M Improper Certificate Validation	<8.6.0-r0
M Improper Certificate Validation	<8.1.0-r0
H Use After Free	<8.1.0-r0
L CVE-2023-38546	<8.4.0-r0
M Improper Authentication	<8.0.0-r0
C Out-of-bounds Write	<8.4.0-r0
L CVE-2024-2379	<8.7.1-r0
L CVE-2023-28322	<8.1.0-r0
M Race Condition	<8.1.0-r0
H Arbitrary Code Injection	<8.0.0-r0
M Improper Authentication	<8.0.0-r0
H Allocation of Resources Without Limits or Throttling	<8.3.0-r0
M Double Free	<8.0.0-r0
M Use After Free	<7.87.0-r0
H Cleartext Transmission of Sensitive Information	<7.86.0-r0
H Directory Traversal	<8.0.0-r0
M Allocation of Resources Without Limits or Throttling	<7.88.0-r0
M Improper Authentication	<8.0.0-r0
M Cleartext Transmission of Sensitive Information	<7.88.0-r0
M Allocation of Resources Without Limits or Throttling	<7.84.0-r0
L CVE-2022-35252	<7.85.0-r0
M Allocation of Resources Without Limits or Throttling	<7.84.0-r0
H Use of Incorrectly-Resolved Name or Reference	<7.83.1-r0
M Cleartext Transmission of Sensitive Information	<7.83.1-r0
C Cleartext Transmission of Sensitive Information	<7.88.0-r0
H Cleartext Transmission of Sensitive Information	<7.87.0-r0
M Insufficiently Protected Credentials	<7.83.0-r0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<7.83.1-r0
H Missing Authentication for Critical Function	<7.83.0-r0
H Improper Certificate Validation	<7.83.1-r0
M CVE-2022-27779	<7.83.1-r0
M Out-of-bounds Write	<7.84.0-r0
C Double Free	<7.79.0-r0
M Out-of-bounds Write	<7.86.0-r0
H Server-Side Request Forgery (SSRF)	<7.83.1-r0
H CVE-2022-27775	<7.83.0-r0
M Insufficient Verification of Data Authenticity	<7.79.0-r0
H Double Free	<7.86.0-r0
M Insufficiently Protected Credentials	<7.83.0-r0
C Exposure of Resource to Wrong Sphere	<7.86.0-r0
L Missing Initialization of Resource	<7.77.0-r0
C Incorrect Default Permissions	<7.84.0-r0
M Information Exposure	<7.76.0-r0
M Use of Uninitialized Resource	<7.78.0-r0
M Improper Validation of Integrity Check Value	<7.78.0-r0
L CVE-2020-8284	<7.74.0-r0
H Cleartext Transmission of Sensitive Information	<7.79.0-r0
H Information Exposure	<7.71.0-r0
L Integer Overflow or Wraparound	<7.65.0-r0
H Improper Certificate Validation	<7.74.0-r0
L Use of Incorrectly-Resolved Name or Reference	<7.78.0-r0
L Authentication Bypass	<7.76.0-r0
M Insufficiently Protected Credentials	<7.78.0-r0
H Use After Free	<7.77.0-r0
H Out-of-bounds Write	<7.65.0-r0
H Out-of-bounds Write	<7.74.0-r0
H Arbitrary Code Injection	<7.71.0-r0
C Out-of-bounds Write	<7.64.0-r0
H Out-of-bounds Read	<7.64.0-r0
C Buffer Overflow	<7.66.0-r0
C Out-of-bounds Read	<7.62.0-r0
C Integer Overflow or Wraparound	<7.61.1-r0
C Out-of-bounds Write	<7.61.0-r0
H NULL Pointer Dereference	<7.59.0-r0
C Double Free	<7.66.0-r0
C Integer Overflow or Wraparound	<7.57.0-r0
C Out-of-bounds Read	<7.57.0-r0
H Use After Free	<7.72.0-r0
C Out-of-Bounds	<7.57.0-r0
C Out-of-bounds Read	<7.60.0-r0
C Out-of-bounds Write	<7.60.0-r0
C Out-of-Bounds	<7.56.1-r0
M Out-of-Bounds	<7.55.0-r0
H Out-of-bounds Read	<7.64.0-r0
L Out-of-Bounds	<7.53.1-r2
H Improper Initialization	<7.52.1-r0
M Improper Certificate Validation	<7.53.0-r0
C Out-of-Bounds	<7.62.0-r0
M Information Exposure	<7.55.0-r0
C Double Free	<7.51.0-r0
C Use After Free	<7.62.0-r0
C Double Free	<7.51.0-r0
C Integer Overflow or Wraparound	<7.50.3-r0
C Out-of-bounds Write	<7.59.0-r0
M Credentials Management	<7.51.0-r0
H Resource Injection	<7.51.0-r0
H Improper Input Validation	<7.51.0-r0
H Cryptographic Issues	<7.50.1-r0
H Use After Free	<7.51.0-r0
H Use After Free	<7.50.1-r0
C Out-of-bounds Read	<7.51.0-r0
H Improper Input Validation	<7.51.0-r0
H Improper Certificate Validation	<7.54.0-r0
C Out-of-bounds Read	<7.59.0-r0
M Information Exposure	<7.55.0-r0
M Improper Authentication	<7.36.0-r0
M Cryptographic Issues	<7.36.0-r0
C Out-of-bounds Write	<7.51.0-r0
H Out-of-bounds Read	<7.51.0-r0
H Out-of-bounds Write	<7.51.0-r0
H Improper Authorization	<7.50.1-r0
H Improper Authentication	<7.50.2-r0