Debian Curl vulnerabilities

CVE-2005-4077 [MEDIUM] CVE-2005-4077: curl - Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 a... Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the

CVE-2003-1605 [HIGH] CVE-2003-1605: curl - curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server. curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server. Scope: local bookworm: resolved (fixed in 7.10.7-1) bullseye: resolved (fixed in 7.10.7-1) forky: resolved (fixed in 7.10.7-1) sid: resolved (fixed in 7.10.7-1) trixie: resolved (fixed in 7.10.7-1)