curl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L CVE-2024-2004	*
L CVE-2024-2398	*
L CVE-2024-2379	*
M CVE-2023-46218	<7.88.1-10+deb12u5
M Missing Encryption of Sensitive Data	<7.88.1-10+deb12u5
L CVE-2023-38546	<7.88.1-10+deb12u4
C Out-of-bounds Write	<7.88.1-10+deb12u4
H Allocation of Resources Without Limits or Throttling	<7.88.1-10+deb12u3
L Integer Overflow or Wraparound	<7.66.0-1
H Use After Free	<7.88.1-10
L CVE-2023-28322	<7.88.1-10
M Improper Certificate Validation	<7.88.1-10
L Race Condition	<7.88.1-10
H Arbitrary Code Injection	<7.88.1-7
M Improper Authentication	<7.88.1-7
M Improper Authentication	<7.88.1-7
H Directory Traversal	<7.88.1-7
M Double Free	<7.88.1-7
M Improper Authentication	<7.88.1-7
M Allocation of Resources Without Limits or Throttling	<7.88.1-1
M Cleartext Transmission of Sensitive Information	<7.88.1-1
C Cleartext Transmission of Sensitive Information	<7.88.1-1
M Use After Free	<7.86.0-3
H Cleartext Transmission of Sensitive Information	<7.86.0-3
H Double Free	<7.86.0-1
H Cleartext Transmission of Sensitive Information	<7.86.0-1
M Out-of-bounds Write	<7.86.0-1
C Exposure of Resource to Wrong Sphere	<7.86.0-1
L CVE-2022-35252	<7.85.0-1
M Out-of-bounds Write	<7.84.0-1
M Allocation of Resources Without Limits or Throttling	<7.84.0-1
C Incorrect Default Permissions	<7.84.0-1
M Allocation of Resources Without Limits or Throttling	<7.84.0-1
M Cleartext Transmission of Sensitive Information	<7.83.1-1
H Improper Certificate Validation	<7.83.1-1
M CVE-2022-27779	<7.83.1-1
H Loop with Unreachable Exit Condition ('Infinite Loop')	<7.83.1-1
H Use of Incorrectly-Resolved Name or Reference	<7.83.1-1
H Server-Side Request Forgery (SSRF)	<7.83.1-1
H Missing Authentication for Critical Function	<7.83.0-1
H CVE-2022-27775	<7.83.0-1
M Insufficiently Protected Credentials	<7.83.0-1
M Insufficiently Protected Credentials	<7.83.0-1
M Insufficient Verification of Data Authenticity	<7.79.1-1
C Double Free	<7.79.1-1
H Cleartext Transmission of Sensitive Information	<7.79.1-1
L Insufficiently Protected Credentials	<7.79.1-1
L Use of Incorrectly-Resolved Name or Reference	<7.79.1-1
L Improper Validation of Integrity Check Value	<7.79.1-1
L Missing Initialization of Resource	<7.79.1-1
L Authentication Bypass	<7.74.0-1.2
M Information Exposure	<7.74.0-1.2
H Improper Certificate Validation	<7.74.0-1
L CVE-2020-8284	<7.74.0-1
H Out-of-bounds Write	<7.74.0-1
H Use After Free	<7.72.0-1
H Arbitrary Code Injection	<7.72.0-1
H Information Exposure	<7.72.0-1
C Buffer Overflow	<7.66.0-1
C Double Free	<7.66.0-1
L Integer Overflow or Wraparound	<7.64.0-4
H Out-of-bounds Write	<7.64.0-4
C Out-of-bounds Write	<7.64.0-1
H Out-of-bounds Read	<7.64.0-1
H Out-of-bounds Read	<7.64.0-1
C Use After Free	<7.62.0-1
C Out-of-Bounds	<7.62.0-1
C Out-of-bounds Read	<7.62.0-1
C Integer Overflow or Wraparound	<7.62.0-1
H Credentials Management	<7.10.7-1
C Out-of-bounds Write	<7.61.0-1
H Improper Input Validation	<7.51.0-1
H Out-of-bounds Write	<7.51.0-1
C Double Free	<7.51.0-1
C Out-of-bounds Write	<7.51.0-1
H Use After Free	<7.51.0-1
H Out-of-bounds Read	<7.51.0-1
C Out-of-bounds Read	<7.51.0-1
H Improper Certificate Validation	<7.52.1-5
H Resource Injection	<7.51.0-1
H Improper Input Validation	<7.51.0-1
C Double Free	<7.51.0-1
M Credentials Management	<7.51.0-1
M Improper Certificate Validation	<7.52.1-3
C Out-of-bounds Write	<7.60.0-1
C Out-of-bounds Read	<7.60.0-1
H Heap-based Buffer Overflow	<7.52.1-1
H NULL Pointer Dereference	<7.60.0-1
C Out-of-bounds Write	<7.60.0-1
C Out-of-bounds Read	<7.60.0-1
C CVE-2018-1000007	<7.58.0-1
C Out-of-bounds Read	<7.58.0-1
C Out-of-Bounds	<7.57.0-1
C Out-of-bounds Read	<7.57.0-1
C Integer Overflow or Wraparound	<7.57.0-1
C Out-of-Bounds	<7.56.1-1
H Out-of-Bounds	<7.56.1-1
M Out-of-Bounds	<7.55.0-1
M Information Exposure	<7.55.0-1
L Out-of-Bounds	<7.52.1-4
C Integer Overflow or Wraparound	<7.51.0-1
H Improper Authentication	<7.51.0-1
H Use After Free	<7.50.1-1
H Cryptographic Issues	<7.50.1-1
H Improper Authorization	<7.50.1-1
L Improper Input Validation	<7.50.1-1
H Improper Authentication	<7.47.0-1
M Improper Input Validation	<7.43.0-1
M Information Exposure	<7.43.0-1
M Information Exposure	<7.42.1-1
H Out-of-Bounds	<7.42.0-1
H Out-of-Bounds	<7.42.0-1
M Access Restriction Bypass	<7.42.0-1
M Improper Access Control	<7.42.0-1
M CVE-2014-8150	<7.38.0-4
M Cryptographic Issues	<7.38.0-1
M Cryptographic Issues	<7.38.0-1
M Information Exposure	<7.38.0-3
M Improper Authentication	<7.36.0-1
M Cryptographic Issues	<7.36.0-1
M Improper Authentication	<7.35.0-1
M Improper Input Validation	<7.34.0-1
M Cryptographic Issues	<7.33.0-1
M Out-of-Bounds	<7.31.0-1
M Information Exposure	<7.29.0-2.1
H Out-of-Bounds	<7.29.0-1
H SQL Injection	<7.24.0-1
M Improper Input Validation	<7.24.0-1
H Credentials Management	<7.21.6-2
L Access Restriction Bypass	<7.20.0-1
M Cryptographic Issues	<7.19.5-1.1
M Cross-site Request Forgery (CSRF)	<7.18.2-8.1
L CVE-2007-3564	<7.16.4-1
H CVE-2006-1061	<7.15.3-1
M Numeric Errors	<7.15.1-1
M Out-of-Bounds	<7.15.0-1
H CVE-2005-0490	<7.13.0-2