libcurl-devel vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the libcurl-devel package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M CVE-2023-28322	<7.66.0-150200.4.57.1
M Improper Certificate Validation	<7.66.0-150200.4.57.1
L Race Condition	<7.66.0-150200.4.57.1
M Arbitrary Code Injection	<7.66.0-150200.4.52.1
M Directory Traversal	<7.66.0-150200.4.52.1
M Allocation of Resources Without Limits or Throttling	<7.66.0-150200.4.52.1
M Improper Authentication	<7.66.0-150200.4.52.1
M Improper Authentication	<7.66.0-150200.4.52.1
M Improper Authentication	<7.66.0-150200.4.52.1
M Use After Free	<7.66.0-150200.4.45.1
H Exposure of Resource to Wrong Sphere	<7.66.0-150200.4.42.1
L CVE-2022-35252	<7.66.0-150200.4.39.1
M Out-of-bounds Write	<7.66.0-150200.4.36.1
M Allocation of Resources Without Limits or Throttling	<7.66.0-150200.4.36.1
H Improper Certificate Validation	<7.66.0-150200.4.33.1
L Loop with Unreachable Exit Condition ('Infinite Loop')	<7.66.0-150200.4.33.1
M Insufficiently Protected Credentials	<7.66.0-150200.4.30.1
M CVE-2022-27775	<7.66.0-150200.4.30.1
M Missing Authentication for Critical Function	<7.66.0-150200.4.30.1
M Missing Initialization of Resource	<7.66.0-4.17.1
M Use of Uninitialized Resource	<7.66.0-4.22.1
M Use of Incorrectly-Resolved Name or Reference	<7.66.0-4.22.1
M Cleartext Transmission of Sensitive Information	<7.66.0-4.22.1
M Improper Handling of Exceptional Conditions	<7.66.0-4.22.1
M Insufficient Verification of Data Authenticity	<7.66.0-4.27.1
M Cleartext Transmission of Sensitive Information	<7.66.0-4.27.1