Homepage

libcurl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the libcurl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Out-of-bounds Read

*
  • L
Information Exposure

*
  • L
Out-of-bounds Read

*
  • M
Missing Release of Resource after Effective Lifetime

*
  • L
External Control of File Name or Path

*
  • L
Expected Behavior Violation

*
  • M
Improper Certificate Validation

*
  • M
Authentication Bypass by Primary Weakness

*
  • M
Authentication Bypass by Primary Weakness

*
  • M
Authentication Bypass by Primary Weakness

*
  • L
Directory Traversal

*
  • M
Cleartext Transmission of Sensitive Information

*
  • L
Use After Free

<0:7.29.0-59.el7_9.2
  • L
Improper Validation of Syntactic Correctness of Input

*
  • M
Improper Enforcement of Message Integrity During Transmission in a Communication Channel

*
  • M
Information Exposure

*
  • M
Inappropriate Encoding for Output Context

*
  • M
Release of Invalid Pointer or Reference

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Cleartext Transmission of Sensitive Information

*
  • M
Improper Certificate Validation

*
  • M
Insufficiently Protected Credentials

*
  • M
Insufficiently Protected Credentials

*
  • M
Cleartext Transmission of Sensitive Information

*
  • M
Cleartext Transmission of Sensitive Information

*
  • M
Out-of-bounds Read

<0:7.29.0-51.el7
  • M
NULL Pointer Dereference

<0:7.29.0-51.el7
  • M
Heap-based Buffer Overflow

<0:7.29.0-51.el7
  • M
Out-of-bounds Read

<0:7.29.0-42.el7_4.1
  • M
Arbitrary Code Injection

<0:7.29.0-59.el7_9.1
  • M
Out-of-bounds Read

<0:7.29.0-25.el7
  • M
Improper Input Validation

<0:7.29.0-25.el7
  • M
Improper Authentication

<0:7.29.0-25.el7
  • M
HTTP Response Splitting

<0:7.29.0-25.el7
  • M
Improper Authentication

<0:7.29.0-25.el7
  • L
Untrusted Pointer Dereference

*
  • M
Uncontrolled Recursion

*
  • M
Information Exposure

*
  • M
Heap-based Buffer Overflow

<0:7.29.0-59.el7
  • L
Heap-based Buffer Overflow

<0:7.29.0-57.el7
  • L
Out-of-bounds Read

<0:7.29.0-54.el7
  • L
Incorrect Calculation of Buffer Size

<0:7.29.0-51.el7_6.3
  • M
Out-of-bounds Write

<0:7.29.0-51.el7
  • L
Information Exposure

*
  • M
Information Exposure

<0:7.29.0-51.el7
  • M
Out-of-bounds Read

*
  • L
Out-of-bounds Read

*
  • M
Out-of-bounds Read

*
  • L
Out-of-bounds Read

*
  • L
Improper Authentication

*
  • L
Heap-based Buffer Overflow

*
  • L
Out-of-bounds Read

*
  • M
Improper Certificate Validation

<0:7.29.0-35.el7
  • M
Improper Input Validation

*
  • M
Use After Free

*
  • M
Improper Input Validation

*
  • M
Integer Overflow or Wraparound

<0:7.29.0-42.el7
  • L
Use After Free

*
  • M
Out-of-bounds Write

*
  • L
Integer Overflow or Wraparound

*
  • M
Use After Free

*
  • M
Resource Injection

*
  • L
Use of Uninitialized Resource

*
  • L
Use of Uninitialized Resource

*
  • M
Improper Certificate Validation

*
  • M
Information Exposure

*
  • M
Improper Certificate Validation

<0:7.29.0-35.el7
  • M
Improper Certificate Validation

<0:7.29.0-35.el7
  • L
Improper Authentication

*
  • M
Information Exposure

*