libcurl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the libcurl package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Missing Release of Resource after Effective Lifetime	*
L External Control of File Name or Path	*
L Improper Synchronization	*
L Expected Behavior Violation	*
M Improper Certificate Validation	*
M Authentication Bypass by Primary Weakness	*
M Authentication Bypass by Primary Weakness	*
L Directory Traversal	*
M Allocation of Resources Without Limits or Throttling	*
M Cleartext Transmission of Sensitive Information	*
L Use After Free	*
M Improper Enforcement of Message Integrity During Transmission in a Communication Channel	*
M Information Exposure	*
M Inappropriate Encoding for Output Context	*
M Release of Invalid Pointer or Reference	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Cleartext Transmission of Sensitive Information	*
M Improper Certificate Validation	*
M Insufficiently Protected Credentials	*
M Insufficiently Protected Credentials	*
M Improper Authentication	<0:7.19.7-53.el6_9
M Improper Authentication	<0:7.19.7-37.el6_5.3
M Improper Authentication	<0:7.19.7-37.el6_5.3
M Heap-based Buffer Overflow	<0:7.19.7-37.el6_4
M Information Exposure	<0:7.19.7-36.el6_4
M Out-of-bounds Read	<0:7.19.7-46.el6
M Improper Input Validation	<0:7.19.7-46.el6
M Improper Authentication	<0:7.19.7-46.el6
M HTTP Response Splitting	<0:7.19.7-46.el6
M Improper Authentication	<0:7.19.7-46.el6
M Credentials Management	<0:7.19.7-26.el6_1.1
M Uncontrolled Recursion	*
M Information Exposure	*
M Heap-based Buffer Overflow	*
L Heap-based Buffer Overflow	*
L Out-of-bounds Read	*
L Incorrect Calculation of Buffer Size	*
M Out-of-bounds Write	*
M Information Exposure	*
L Out-of-bounds Read	*
M Out-of-bounds Read	*
L Out-of-bounds Read	*
L Improper Authentication	*
L Heap-based Buffer Overflow	*
L Out-of-bounds Read	*
L Improper Certificate Validation	*
M Improper Input Validation	*
M Use After Free	*
M Improper Input Validation	*
L Integer Overflow or Wraparound	*
L Use After Free	*
M Out-of-bounds Write	*
M Use After Free	*
M Resource Injection	*
L Use of Uninitialized Resource	*
L Use of Uninitialized Resource	*
M Improper Certificate Validation	*
M Information Exposure	*
L Improper Certificate Validation	*
M Improper Certificate Validation	*
L Improper Authentication	*
M Information Exposure	*