https://curl.se|curl vulnerabilities

Known vulnerabilities in the https://curl.se|curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Information Exposure	[6.5.0,8.11.1)
M Comparison Using Wrong Factors	[7.74.0,8.11.0)
M Improper Certificate Validation	[7.41.0,8.10.0)
M Out-of-bounds Read	[7.32.0,8.9.1)
H Out-of-bounds Read	[,8.9.0)
M Free of Memory not on the Heap	[8.6.0,8.9.0)
M Improper Certificate Validation	[8.5.0,8.7.0)
L Improper Certificate Validation	[8.6.0,8.7.0)
L Authentication Bypass by Spoofing	[7.85.0,8.7.0)
M Uncontrolled Resource Consumption ('Resource Exhaustion')	[7.44.0,8.7.0)
L Improper Check for Certificate Revocation	[8.5.0,8.6.0)
M Information Exposure	[7.46.0,8.5.0)
M Missing Encryption of Sensitive Data	[7.84.0,8.5.0)
L External Control of File Name or Path	[7.9.1,8.4.0)
H Heap-based Buffer Overflow	[7.69.0,8.4.0)
M Allocation of Resources Without Limits or Throttling	[7.84.0,8.3.0)
M Time-of-check Time-of-use (TOCTOU) Race Condition	[,8.2.0)
L Improper Synchronization	[7.9.8,8.1.0)
M Improper Certificate Validation	[7.12.0,8.1.0)
M Expected Behavior Violation	[7.7,8.1.0)
M Use After Free	[7.81.0,8.1.0)
M Double Free	[,8.0.0)
M Authentication Bypass by Primary Weakness	[,8.0.0)
M Authentication Bypass	[,8.0.0)
M Directory Traversal	[,8.0.0)
M Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)	[7.7,8.0.0)
M Allocation of Resources Without Limits or Throttling	[7.57.0,7.88.0)
M Cleartext Transmission of Sensitive Information	[7.77.0,7.88.0)
M Cleartext Transmission of Sensitive Information	[7.77.0,7.88.0)
H Use After Free	[,7.87.0]
M Cleartext Transmission of Sensitive Information	[7.77.0,7.87.0)
L Stack-based Buffer Overflow	[7.84.0,7.86.0)
M Cleartext Transmission of Sensitive Information	[7.77.0,7.86.0)
M Double Free	[7.77.0,7.86.0)
M Expected Behavior Violation	[7.7,7.86.0)
L Improper Validation of Syntactic Correctness of Input	[,7.85.0)
M Improper Preservation of Permissions	[,7.84.0)
M Denial of Service (DoS)	[,7.84.0)
M Improper Enforcement of Message Integrity During Transmission in a Communication Channel	[,7.84.0)
M Denial of Service (DoS)	[,7.84.0)
M Improper Authentication	[7.16.1,7.83.1)
M Cleartext Transmission of Sensitive Information	[7.82.0,7.83.1)
M Infinite loop	[7.34.0,7.83.1)
M Inappropriate Encoding for Output Context	[7.80.0,7.83.1)
M Release of Invalid Pointer or Reference	[7.83.0,7.83.1)
M Information Exposure	[,7.83.1)
L Information Exposure	[,7.83.0)
M Improper Authentication	[,7.83.0)
M Insufficiently Protected Credentials	[,7.83.0)
M Open Redirect	[,7.83.0)
M Cryptographic Issues	[0,7.33.0)
M Improper Validation	[7.27.0,7.78.0)
M Directory Traversal	[7.20.0,7.21.1]
H Resources Downloaded over Insecure Protocol	[7.20.0,7.79.0)
H Out-of-bounds Write	[7.21.0,7.74.0)
H Improper Initialization	[,7.52.1)
C Out-of-bounds Read	[7.20.0,7.59.0)
H Improper Certificate Validation	[7.52.0,7.54.0)
H Arbitrary Code Injection	[7.62.0,7.71.0)
H Improper Input Validation	[,7.51.0)
C Out-of-Bounds	[0,7.57.0)
M Cross-site Request Forgery (CSRF)	[5.11,7.19.3]
M Insufficiently Protected Credentials	[7.27.0,7.78.0)
M Improper Authentication	[0,7.35.0)
M Use of Uninitialized Resource	[7.7,7.78.0)
M Out-of-Bounds	[,7.54.1)
H Cryptographic Issues	[7.4,7.19.5]
C Integer Overflow or Wraparound	[,7.61.1)
M Improper Input Validation	[0,7.49.0)
M Improper Input Validation	[0,7.40.0)
M Cryptographic Issues	[0,7.36.0)
H Access Restriction Bypass	[7.14,7.16.3]
M Information Exposure	[,7.43.0)
C Out-of-bounds Write	[7.54.1,7.61.0)
C Integer Overflow or Wraparound	[,7.50.3)
C Use After Free	[7.59.0,7.62.0)
C Double Free	[7.73.0,7.79.0)
C Out-of-bounds Write	[7.12.3,7.59.0)
H NULL Pointer Dereference	[7.21.0,7.59.0)
C Out-of-bounds Write	[7.54.1,7.60.0)
M Out-of-Bounds	[0,7.31.0)
H Improper Certificate Validation	[7.33.0,7.78.0)
M Access Restriction Bypass	[0,7.42.0)
H Heap-based Buffer Overflow	[,7.52.0)
M Access Restriction Bypass	[7.10.5,7.19.7]
M Insufficiently Protected Credentials	[7.10.6,7.21.7)
M Improper Authentication	[0,7.36.0)
M Improper Input Validation	[0,7.34.0)
H Remote Code Execution (RCE)	[,7.65.2)
M Improper Input Validation	[0,7.43.0)
C Buffer Overflow	[6.0,7.4]
H Improper Certificate Validation	[7.41.0,7.74.0)
M Insufficiently Protected Credentials	[,7.51.0)
M Improper Input Validation	[7.27.0,7.36.0]
C Integer Overflow or Wraparound	[7.36.0,7.57.0)
C Out-of-bounds Read	[7.30.0,7.52.0)
C Improper Authentication	[,7.19.7-53)
H Improper Authorization	[,7.50.1)
C Out-of-bounds Read	[7.49.0,7.58.0)
C Out-of-bounds Read	[7.21.0,7.57.0)
H Access Restriction Bypass	[,7.49.1)
C Denial of Service (DoS)	[,7.49.1)
H Out-of-Bounds	[0,7.42.0)
C Out-of-bounds Read	[,7.51.0)
M Information Exposure	[0,7.55.0)
H Use After Free	[,7.51.0)
M Denial of Service (DoS)	[7.11.2,7.15]
C Double Free	[,7.51.0)
H Improper Input Validation	[,7.51.0)
M Improper Access Control	[0,7.42.0)
H Out-of-bounds Write	[,7.51.0)
L Out-of-Bounds	[0,7.54.0)
H Out-of-bounds Read	[7.34.0,7.64.0)
M Information Exposure	[0,7.55.0)
H Out-of-Bounds	[0,7.42.0)
C Double Free	[,7.51.0)
C Out-of-bounds Read	[7.14.1,7.62.0)
H Use After Free	[,7.50.1)
M Cryptographic Issues	[,7.38.0)
H Information Exposure	[7.62.0,7.71.0)
L Integer Overflow or Wraparound	[7.62.0,7.65.0)
M Improper Input Validation	[,7.47.0)
H Insufficiently Protected Credentials	[7.1.0,7.10.7)
H Out-of-Bounds	[0,7.56.0)
M Insufficient Verification of Data Authenticity	[7.20.0,7.79.0)
H Out-of-Bounds	[7.26.0,7.28.1]
M Information Exposure	[0,7.43.0)
H Out-of-bounds Read	[7.36.0,7.64.0)
H Out-of-bounds Read	[,7.51.0)
C Out-of-bounds Write	[,7.51.0)
H Out-of-Bounds	[,7.13.2]
C Information Exposure	[7.1,7.58.0)
L Exposure of Sensitive Information to an Unauthorized Actor	[,7.74.0)
H Improper Authentication	[,7.50.2)
M Information Exposure	[7.61.0,7.77.0)
M Information Exposure	[7.1.1,7.76.0)
H Use After Free	[7.75.0,7.77.0)
H Improper Certificate Validation	[7.30.0,7.52.0)
H Use After Free	[7.29.0,7.72.0)
M CRLF Injection	[0,7.40.0)
H Buffer Overflow	[7.15.0,7.15.2]
M Improper Certificate Validation	[,7.53.0)
L Race Condition	[7.10.4,7.77.0)
C Out-of-bounds Write	[7.36.0,7.64.0)
M Information Exposure	[0,7.39.0)
H SQL Injection	[,7.24.0)
H Resource Injection	[,7.51.0)
M Out-of-Bounds	[0,7.55.0)
H Cryptographic Issues	[,7.50.1)
C Buffer Overflow	[7.19.4,7.66.0)
C Out-of-bounds Read	[7.20.0,7.60.0)
H Out-of-bounds Write	[7.19.4,7.65.0)
C Double Free	[7.52.0,7.66.0)
L Missing Initialization of Resource	[7.7,7.77.0)
C Out-of-Bounds	[7.20.0,7.56.1)
C Out-of-Bounds	[7.33.0,7.62.0)
H Improper Authentication	[,7.47.0)
M Information Exposure	[,7.30.0)
L User Impersonation	[7.63.0,7.76.0)
M Cryptographic Issues	[,7.38.0)
M Arbitrary Code Execution	[,7.12.1]

Vulnerability

Vulnerable Version

Information Exposure

[6.5.0,8.11.1)

Comparison Using Wrong Factors

[7.74.0,8.11.0)

Improper Certificate Validation

[7.41.0,8.10.0)

Out-of-bounds Read

[7.32.0,8.9.1)

Out-of-bounds Read

[,8.9.0)