Https Github.Com Curl Curl vulnerabilities

CVE-2021-22901 [HIGH] CWE-416 CVE-2021-22901: curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed me curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 ses

CVE-2021-22897 [MEDIUM] CWE-840 CVE-2021-22897: curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake i curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple

CVE-2021-22898 [LOW] CWE-200 CVE-2021-22898: curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, kn curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the se

CVE-2021-22876 [MEDIUM] CWE-359 CVE-2021-22876: curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leak

CVE-2021-22890 [LOW] CWE-300 CVE-2021-22890: curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MI curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the ho

CVE-2020-8231 [HIGH] CWE-416 CVE-2020-8231: Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when se Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.

CVE-2020-8177 [HIGH] CWE-99 CVE-2020-8177: curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resour curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

CVE-2020-8286 [HIGH] CWE-295 CVE-2020-8286: curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insu curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

CVE-2020-8169 [HIGH] CWE-200 CVE-2020-8169: curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).

CVE-2020-8285 [HIGH] CWE-674 CVE-2020-8285: curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

CVE-2020-8284 [LOW] CWE-200 CVE-2020-8284: A malicious server can use the FTP PASV response to trick curl 7 A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.