libcurl-devel vulnerabilities

Known vulnerabilities in the libcurl-devel package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Insufficient Comparison	<8.0.1-150400.5.56.1
M Out-of-bounds Read	<8.0.1-150400.5.47.1
M CVE-2024-2398	<8.0.1-150400.5.44.1
L CVE-2024-2004	<8.0.1-150400.5.44.1
M CVE-2023-46218	<8.0.1-150400.5.36.1
L Missing Encryption of Sensitive Data	<8.0.1-150400.5.36.1
H Out-of-bounds Write	<8.0.1-150400.5.32.1
M CVE-2023-38546	<8.0.1-150400.5.32.1
H Allocation of Resources Without Limits or Throttling	<8.0.1-150400.5.29.1
M Time-of-check Time-of-use (TOCTOU)	<8.0.1-150400.5.26.1
M CVE-2023-28322	<8.0.1-150400.5.23.1
L Race Condition	<8.0.1-150400.5.23.1
M Improper Certificate Validation	<8.0.1-150400.5.23.1
M Use After Free	<8.0.1-150400.5.23.1
M Improper Authentication	<7.79.1-150400.5.18.1
M Improper Authentication	<7.79.1-150400.5.18.1
M Improper Authentication	<7.79.1-150400.5.18.1
M Directory Traversal	<7.79.1-150400.5.18.1
M Arbitrary Code Injection	<7.79.1-150400.5.18.1
H Cleartext Transmission of Sensitive Information	<7.79.1-150400.5.15.1
M Allocation of Resources Without Limits or Throttling	<7.79.1-150400.5.15.1
H Cleartext Transmission of Sensitive Information	<7.79.1-150400.5.15.1
M Use After Free	<7.79.1-150400.5.12.1
H Cleartext Transmission of Sensitive Information	<7.79.1-150400.5.12.1
H Exposure of Resource to Wrong Sphere	<7.79.1-150400.5.9.1
H Cleartext Transmission of Sensitive Information	<7.79.1-150400.5.9.1
L CVE-2022-35252	<7.79.1-150400.5.6.1
M Incorrect Default Permissions	<7.79.1-150400.5.3.1
M Out-of-bounds Write	<7.79.1-150400.5.3.1
M Allocation of Resources Without Limits or Throttling	<7.79.1-150400.5.3.1
M Allocation of Resources Without Limits or Throttling	<7.79.1-150400.5.3.1

Vulnerability

Vulnerable Version

Insufficient Comparison

<8.0.1-150400.5.56.1

<8.0.1-150400.5.47.1

<8.0.1-150400.5.44.1

<8.0.1-150400.5.44.1

<8.0.1-150400.5.36.1