curl | Snyk

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Improper Certificate Validation	<0:8.19.0-3.hum1
L Information Exposure	<0:8.19.0-3.hum1
L Predictability Problems	<0:8.19.0-3.hum1
L Authentication Bypass by Primary Weakness	<0:8.19.0-3.hum1
L Improperly Implemented Security Check for Standard	<0:8.19.0-3.hum1
M Improper Certificate Validation	<0:8.19.0-3.hum1
M Key Exchange without Entity Authentication	<0:8.19.0-3.hum1
M Out-of-bounds Read	<0:8.19.0-3.hum1
L Information Exposure	*
L Information Exposure	*
L Improperly Implemented Security Check for Standard	*
L Improperly Implemented Security Check for Standard	*
L Improper Certificate Validation	*
L Improper Certificate Validation	*
M Improper Certificate Validation	*
M Improper Certificate Validation	*
L Authentication Bypass by Primary Weakness	*
L Authentication Bypass by Primary Weakness	*
M Authentication Bypass by Primary Weakness	<0:8.19.0-3.hum1
M Incorrect Implementation of Authentication Algorithm	<0:8.19.0-3.hum1
M Expired Pointer Dereference	<0:8.19.0-3.hum1
M Information Exposure	<0:8.19.0-3.hum1
M Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element	<0:8.19.0-3.hum1
M Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element	*
M Incorrect Implementation of Authentication Algorithm	*
M Incorrect Implementation of Authentication Algorithm	*
M Expired Pointer Dereference	*
M Expired Pointer Dereference	*
M Authentication Bypass by Primary Weakness	*
M Information Exposure	*
M Authentication Bypass by Primary Weakness	*
M Information Exposure	*
M Out-of-bounds Read	<0:8.12.1-2.el10_1.2
M Out-of-bounds Read	<0:8.12.1-1.el10_0.4
M Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element	*
M Out-of-bounds Read	*
L Predictability Problems	*
L Predictability Problems	*
L Out-of-bounds Read	*
L Information Exposure	*
L Use of Uninitialized Resource	*
L Use of Uninitialized Resource	*
L Untrusted Pointer Dereference	*
L Improper Certificate Validation	*
L Improper Authentication	*
M Information Exposure	*
M Use After Free	*
M Improper Input Validation	*
M Out-of-bounds Write	*
L Use After Free	*
M Use After Free	*
M Improper Input Validation	*
M Use After Free	*
L Improper Certificate Validation	*
L Out-of-bounds Read	*
L Improper Certificate Validation	*
L Integer Overflow or Wraparound	*
L Improper Authentication	*
M Improper Certificate Validation	*
M Resource Injection	*
M Out-of-bounds Write	*
L NULL Pointer Dereference	*
L Out-of-bounds Read	*
M Improper Certificate Validation	*
M Information Exposure	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Out-of-bounds Read	*
M Insufficiently Protected Credentials	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
M Improper Input Validation	*
L Authentication Bypass	*
M Improper Certificate Validation	*
M Cleartext Transmission of Sensitive Information	*
M Cleartext Transmission of Sensitive Information	*
M Information Exposure	*
M Improper Authentication	*
M Improper Authentication	*
M Arbitrary Code Injection	*
M Information Exposure	*

Vulnerability

Vulnerable Version

Improper Certificate Validation

<0:8.19.0-3.hum1