curl vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L Missing Encryption of Sensitive Data	<7.88.1-8ubuntu2.4
M CVE-2023-46218	<7.88.1-8ubuntu2.4
H Out-of-bounds Write	<7.88.1-8ubuntu2.3
L CVE-2023-38546	<7.88.1-8ubuntu2.3
M Allocation of Resources Without Limits or Throttling	<7.88.1-8ubuntu2.2
M Time-of-check Time-of-use (TOCTOU)	<7.88.1-8ubuntu2.1
L Improper Certificate Validation	<7.88.1-8ubuntu2.1
L CVE-2023-28322	<7.88.1-8ubuntu2.1
L Improper Authentication	<7.88.1-6ubuntu2
L Double Free	<7.88.1-6ubuntu2
L Arbitrary Code Injection	<7.88.1-6ubuntu2
L Improper Authentication	<7.88.1-6ubuntu2
L Directory Traversal	<7.88.1-6ubuntu2
M Improper Authentication	<7.88.1-6ubuntu2
M Allocation of Resources Without Limits or Throttling	<7.87.0-2ubuntu1
L Cleartext Transmission of Sensitive Information	<7.87.0-2ubuntu1
L Cleartext Transmission of Sensitive Information	<7.87.0-2ubuntu1
M Cleartext Transmission of Sensitive Information	<7.87.0-1
M Use After Free	<7.87.0-1
M Use of Uninitialized Resource	<7.74.0-1.2ubuntu4
M Use of Incorrectly-Resolved Name or Reference	<7.74.0-1.2ubuntu4
L Missing Initialization of Resource	<7.74.0-1.2ubuntu4