curl | Snyk

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Improper Certificate Validation	*
M CVE-2026-6429	*
L Server-Side Request Forgery (SSRF)	*
M Insufficient Session Expiration	*
M Insufficiently Protected Credentials	*
M CVE-2025-14017	<7.47.0-1ubuntu2.19+esm15
M Out-of-bounds Read	<7.47.0-1ubuntu2.19+esm13
M Missing Release of Resource after Effective Lifetime	<7.47.0-1ubuntu2.19+esm12
M CVE-2023-46218	<7.47.0-1ubuntu2.19+esm11
L CVE-2023-38546	<7.47.0-1ubuntu2.19+esm10
L Improper Certificate Validation	<7.47.0-1ubuntu2.19+esm9
L CVE-2023-28322	<7.47.0-1ubuntu2.19+esm9
L Improper Authentication	<7.47.0-1ubuntu2.19+esm8
L Arbitrary Code Injection	<7.47.0-1ubuntu2.19+esm8
M Improper Authentication	<7.47.0-1ubuntu2.19+esm8
M Use After Free	<7.47.0-1ubuntu2.19+esm7
M Exposure of Resource to Wrong Sphere	<7.47.0-1ubuntu2.19+esm6
L CVE-2022-35252	<7.47.0-1ubuntu2.19+esm5
M Out-of-bounds Write	<7.47.0-1ubuntu2.19+esm4
L Loop with Unreachable Exit Condition ('Infinite Loop')	<7.47.0-1ubuntu2.19+esm4
M Cleartext Transmission of Sensitive Information	<7.47.0-1ubuntu2.19+esm1
M Insufficient Verification of Data Authenticity	<7.47.0-1ubuntu2.19+esm1
M Use of Uninitialized Resource	<7.47.0-1ubuntu2.19+esm3
L Missing Initialization of Resource	<7.47.0-1ubuntu2.19+esm3
M Information Exposure	<7.47.0-1ubuntu2.19
L CVE-2020-8284	<7.47.0-1ubuntu2.18
M Improper Certificate Validation	<7.47.0-1ubuntu2.18
M Out-of-bounds Write	<7.47.0-1ubuntu2.18
L Use After Free	<7.47.0-1ubuntu2.16
M Arbitrary Code Injection	<7.47.0-1ubuntu2.15
M Buffer Overflow	<7.47.0-1ubuntu2.14
M Out-of-bounds Write	<7.47.0-1ubuntu2.13
M Out-of-bounds Read	<7.47.0-1ubuntu2.12
L Out-of-bounds Read	<7.47.0-1ubuntu2.12
M Out-of-bounds Write	<7.47.0-1ubuntu2.12
M Out-of-Bounds	<7.47.0-1ubuntu2.11
M Out-of-bounds Read	<7.47.0-1ubuntu2.11
M Integer Overflow or Wraparound	<7.47.0-1ubuntu2.9
M Out-of-bounds Write	<7.47.0-1ubuntu2.2
M Double Free	<7.47.0-1ubuntu2.2
M Out-of-bounds Write	<7.47.0-1ubuntu2.2
M Use After Free	<7.47.0-1ubuntu2.2
L Out-of-bounds Read	<7.47.0-1ubuntu2.2
M Out-of-bounds Read	<7.47.0-1ubuntu2.2
M Resource Injection	<7.47.0-1ubuntu2.2
M Improper Input Validation	<7.47.0-1ubuntu2.2
M Double Free	<7.47.0-1ubuntu2.2
L Credentials Management	<7.47.0-1ubuntu2.2
M Out-of-bounds Read	<7.47.0-1ubuntu2.8
L Heap-based Buffer Overflow	<7.47.0-1ubuntu2.3
M Out-of-bounds Write	<7.47.0-1ubuntu2.7
M NULL Pointer Dereference	<7.47.0-1ubuntu2.7
M Out-of-bounds Read	<7.47.0-1ubuntu2.7
M Out-of-bounds Read	<7.47.0-1ubuntu2.6
M CVE-2018-1000007	<7.47.0-1ubuntu2.6
M Out-of-bounds Read	<7.47.0-1ubuntu2.5
M Integer Overflow or Wraparound	<7.47.0-1ubuntu2.5
M Out-of-Bounds	<7.47.0-1ubuntu2.4
M Out-of-Bounds	<7.47.0-1ubuntu2.3
L Out-of-Bounds	<7.47.0-1ubuntu2.3
L Information Exposure	<7.47.0-1ubuntu2.3
L Out-of-Bounds	<7.47.0-1ubuntu2.3
L Integer Overflow or Wraparound	<7.47.0-1ubuntu2.2
L Improper Authentication	<7.47.0-1ubuntu2.2
M Improper Authorization	<7.47.0-1ubuntu2.1
M Cryptographic Issues	<7.47.0-1ubuntu2.1
M Use After Free	<7.47.0-1ubuntu2.1

Vulnerability

Vulnerable Version

Improper Certificate Validation