Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2026-8927

<8.21.0-r0
  • L
CVE-2026-10536

<8.21.0-r0
  • L
CVE-2026-8926

<8.21.0-r0
  • L
CVE-2026-9080

<8.21.0-r0
  • L
CVE-2026-8924

<8.21.0-r0
  • L
CVE-2026-9547

<8.21.0-r0
  • L
CVE-2026-8925

<8.21.0-r0
  • L
CVE-2026-11856

<8.21.0-r0
  • L
CVE-2026-9546

<8.21.0-r0
  • L
CVE-2026-8458

<8.21.0-r0
  • L
CVE-2026-11564

<8.21.0-r0
  • L
CVE-2026-9545

<8.21.0-r0
  • L
CVE-2026-8932

<8.21.0-r0
  • L
CVE-2026-8286

<8.21.0-r0
  • L
CVE-2026-9079

<8.21.0-r0
  • L
CVE-2026-12064

<8.21.0-r0
  • L
CVE-2026-11352

<8.21.0-r0
  • L
CVE-2026-11586

<8.21.0-r0
  • L
CVE-2026-1965

<8.19.0-r0
  • L
Open Redirect

<8.18.0-r0
  • L
CVE-2025-10966

<8.17.0-r0
  • M
Improper Certificate Validation

<8.1.0-r0
  • L
CVE-2026-3783

<8.19.0-r0
  • L
CVE-2023-38546

<8.4.0-r0
  • H
Use After Free

<7.77.0-r0
  • M
Insufficient Verification of Data Authenticity

<7.79.0-r0
  • C
Out-of-bounds Write

<7.64.0-r0
  • M
Improper Authentication

<8.0.0-r0
  • M
Missing Encryption of Sensitive Data

<8.5.0-r0
  • C
Integer Overflow or Wraparound

<7.61.1-r0
  • C
Out-of-bounds Write

<7.61.0-r0
  • C
Double Free

<7.79.0-r0
  • L
CVE-2025-14017

<8.18.0-r0
  • L
CVE-2025-14819

<8.18.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<7.88.0-r0
  • H
Use After Free

<7.50.1-r0
  • H
Improper Authorization

<7.50.1-r0
  • C
Incorrect Default Permissions

<7.84.0-r0
  • H
Directory Traversal

<8.0.0-r0
  • H
Arbitrary Code Injection

<8.0.0-r0
  • C
Out-of-Bounds

<7.57.0-r0
  • C
Use After Free

<7.62.0-r0
  • H
Use After Free

<7.72.0-r0
  • L
CVE-2022-35252

<7.85.0-r0
  • H
Improper Input Validation

<7.51.0-r0
  • C
Out-of-bounds Read

<7.59.0-r0
  • C
Buffer Overflow

<7.66.0-r0
  • H
Improper Authentication

<7.50.2-r0
  • H
Allocation of Resources Without Limits or Throttling

<8.3.0-r0
  • C
Double Free

<7.66.0-r0
  • L
Missing Initialization of Resource

<7.77.0-r0
  • L
CVE-2020-8284

<7.74.0-r0
  • H
Cryptographic Issues

<7.50.1-r0
  • C
Out-of-bounds Read

<7.57.0-r0
  • M
Insufficiently Protected Credentials

<7.83.0-r0
  • C
Out-of-bounds Write

<7.59.0-r0
  • M
Out-of-bounds Read

<8.9.1-r0
  • L
Missing Release of Resource after Effective Lifetime

<8.7.1-r0
  • M
Insufficient Session Expiration

<8.20.0-r0
  • M
Improper Authentication

<8.0.0-r0
  • L
Buffer Overflow

<8.12.0-r0
  • H
Server-Side Request Forgery (SSRF)

<8.20.0-r0
  • C
Out-of-bounds Write

<8.4.0-r0
  • M
Improper Certificate Validation

<8.20.0-r0
  • L
CVE-2025-0665

<8.12.0-r0
  • M
Race Condition

<8.1.0-r0
  • M
Double Free

<8.0.0-r0
  • C
Cleartext Transmission of Sensitive Information

<7.88.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.79.0-r0
  • H
Cleartext Transmission of Sensitive Information

<8.20.0-r0
  • C
Out-of-bounds Read

<7.51.0-r0
  • L
CVE-2024-2466

<8.7.1-r0
  • M
Insufficient Comparison

<8.11.0-r0
  • L
CVE-2024-11053

<8.11.1-r0
  • M
Allocation of Resources Without Limits or Throttling

<7.84.0-r0
  • M
Improper Validation of Integrity Check Value

<7.78.0-r0
  • M
Use of Uninitialized Resource

<7.78.0-r0
  • L
CVE-2023-28322

<8.1.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<7.84.0-r0
  • M
Insufficiently Protected Credentials

<7.78.0-r0
  • M
Out-of-bounds Write

<7.84.0-r0
  • L
Integer Overflow or Wraparound

<7.65.0-r0
  • H
Out-of-bounds Read

<7.64.0-r0
  • H
Missing Authentication for Critical Function

<7.83.0-r0
  • H
Out-of-bounds Read

<7.64.0-r0
  • H
Improper Input Validation

<7.51.0-r0
  • H
NULL Pointer Dereference

<7.59.0-r0
  • M
Cleartext Transmission of Sensitive Information

<7.88.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.87.0-r0
  • M
Cryptographic Issues

<7.36.0-r0
  • H
Improper Certificate Validation

<7.54.0-r0
  • H
CVE-2022-27775

<7.83.0-r0
  • C
Out-of-bounds Read

<7.60.0-r0
  • M
Use After Free

<7.87.0-r0
  • C
Integer Overflow or Wraparound

<7.57.0-r0
  • M
Improper Authentication

<7.36.0-r0
  • H
Server-Side Request Forgery (SSRF)

<7.83.1-r0
  • L
Out-of-Bounds

<7.53.1-r2
  • C
Out-of-bounds Write

<7.60.0-r0
  • L
Use of Incorrectly-Resolved Name or Reference

<7.78.0-r0
  • M
Improper Authentication

<8.0.0-r0
  • L
CVE-2024-2004

<8.7.1-r0
  • H
Out-of-bounds Write

<7.51.0-r0
  • C
Out-of-Bounds

<7.56.1-r0
  • L
CVE-2026-3784

<8.19.0-r0
  • M
Out-of-bounds Read

<8.9.0-r0
  • H
Out-of-bounds Write

<7.65.0-r0
  • L
CVE-2025-10148

<8.16.0-r0
  • M
CVE-2022-27779

<7.83.1-r0
  • H
Double Free

<7.86.0-r0
  • L
Improper Certificate Validation

<8.20.0-r0
  • M
Information Exposure

<7.55.0-r0
  • L
Improper Certificate Validation

<8.7.1-r0
  • L
Out-of-bounds Read

<8.16.0-r0
  • M
Authentication Bypass

<8.20.0-r0
  • H
CVE-2024-6197

<8.9.0-r0
  • H
Arbitrary Code Injection

<7.71.0-r0
  • C
Out-of-Bounds

<7.62.0-r0
  • H
Information Exposure

<7.71.0-r0
  • M
Cleartext Transmission of Sensitive Information

<7.83.1-r0
  • H
Use After Free

<7.51.0-r0
  • M
Improper Certificate Validation

<8.6.0-r0
  • M
CVE-2023-46218

<8.5.0-r0
  • H
Out-of-bounds Write

<7.74.0-r0
  • C
Out-of-bounds Read

<7.62.0-r0
  • L
CVE-2026-3805

<8.19.0-r0
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

<8.14.1-r0
  • H
Improper Certificate Validation

<7.74.0-r0
  • L
CVE-2026-6429

<8.20.0-r0
  • M
Out-of-Bounds

<7.55.0-r0
  • H
Use After Free

<8.1.0-r0
  • M
Credentials Management

<7.51.0-r0
  • L
Insufficiently Protected Credentials

<8.20.0-r0
  • H
Use of Incorrectly-Resolved Name or Reference

<7.83.1-r0
  • H
Improper Certificate Validation

<7.83.1-r0
  • L
CVE-2024-8096

<8.10.0-r0
  • C
Exposure of Resource to Wrong Sphere

<7.86.0-r0
  • C
Out-of-bounds Write

<7.51.0-r0
  • L
Authentication Bypass

<7.76.0-r0
  • M
Information Exposure

<7.55.0-r0
  • M
Insufficiently Protected Credentials

<7.83.0-r0
  • C
Double Free

<7.51.0-r0
  • L
CVE-2025-0167

<8.12.0-r0
  • C
Double Free

<7.51.0-r0
  • H
Improper Initialization

<7.52.1-r0
  • M
Out-of-bounds Write

<7.86.0-r0
  • M
Improper Certificate Validation

<7.53.0-r0
  • H
Resource Injection

<7.51.0-r0
  • C
Integer Overflow or Wraparound

<7.50.3-r0
  • H
Out-of-bounds Read

<7.51.0-r0
  • H
Cleartext Transmission of Sensitive Information

<7.86.0-r0
  • M
Information Exposure

<7.76.0-r0
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<7.83.1-r0