Daniel Stenberg Curl vulnerabilities
3 known vulnerabilities affecting daniel_stenberg/curl.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-1061HIGHCVSS 7.5v7.15.0v7.15.1+1 more2006-03-21
CVE-2006-1061 [HIGH] CVE-2006-1061: Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to exec
Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path.
nvd
CVE-2005-4077MEDIUMCVSS 4.6v7.11.2v7.12+9 more2005-12-08
CVE-2005-4077 [MEDIUM] CWE-189 CVE-2005-4077: Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?"
nvd
CVE-2000-0973CRITICALCVSS 10.0PoCv6.0v6.1+12 more2000-12-19
CVE-2000-0973 [CRITICAL] CVE-2000-0973: Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attac
Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.
nvd