The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of cURL

cURL: information disclosure via CURLOPT_CONNECT_ONLY
An attacker can bypass access restrictions to data via CURLOPT_CONNECT_ONLY of cURL, in order to obtain sensitive information...
CVE-2020-8231, DLA-2382-1, FEDORA-2020-126a0dd319, FEDORA-2020-da832cb434, openSUSE-SU-2020:1345-1, openSUSE-SU-2020:1359-1, openSUSE-SU-2020:1494-1, SSA:2020-232-01, SUSE-SU-2020:14481-1, SUSE-SU-2020:2444-1, SUSE-SU-2020:2445-1, SUSE-SU-2020:2446-1, USN-4466-1, USN-4466-2, USN-4665-1, USN-4665-2, VIGILANCE-VUL-33107
curl: write access via -J Option
An attacker can bypass access restrictions via -J Option of curl, in order to alter data...
bulletinoct2020, CVE-2020-8177, DLA-2295-1, FEDORA-2020-55f1f7cb13, FEDORA-2020-6af1dd2936, FEDORA-2020-ad05132742, openSUSE-SU-2020:0883-1, openSUSE-SU-2020:0908-1, RHSA-2020:4599-01, RHSA-2020:5002-01, RHSA-2020:5417-01, SSA:2020-176-01, SUSE-SU-2020:14409-1, SUSE-SU-2020:1732-1, SUSE-SU-2020:1733-1, SUSE-SU-2020:1734-1, SUSE-SU-2020:1735-1, SUSE-SU-2020:1773-1, USN-4402-1, VIGILANCE-VUL-32618
curl: information disclosure via HTTP Redirect DNS Password
An attacker can bypass access restrictions to data via HTTP Redirect DNS Password of curl, in order to obtain sensitive information...
CERTFR-2020-AVI-423, CVE-2020-8169, FEDORA-2020-55f1f7cb13, FEDORA-2020-6af1dd2936, FEDORA-2020-ad05132742, openSUSE-SU-2020:0883-1, SSA:2020-176-01, SUSE-SU-2020:1733-1, USN-4402-1, VIGILANCE-VUL-32617
curl: information disclosure via Windows SMB Access Smuggling
An attacker can bypass access restrictions to data via Windows SMB Access Smuggling of curl, in order to obtain sensitive information...
4809381, cpuapr2020, CVE-2019-15601-REJECT, VIGILANCE-VUL-31269
curl: buffer overflow via TFTP Small Blocksize
An attacker can trigger a buffer overflow via TFTP Small Blocksize of curl, in order to trigger a denial of service, and possibly to run code...
bulletinoct2020, cpuapr2020, cpuoct2020, CVE-2019-5482, DLA-1917-1, DSA-2019-168, DSA-2019-169, DSA-2019-201, DSA-4633-1, FEDORA-2019-9e6357d82f, FEDORA-2019-f2a520135e, openSUSE-SU-2019:2149-1, openSUSE-SU-2019:2169-1, RHSA-2020:1792-01, RHSA-2020:3916-01, SSA:2019-254-01, SUSE-SU-2019:14172-1, SUSE-SU-2019:2339-2, SUSE-SU-2019:2373-1, SUSE-SU-2019:2381-1, USN-4129-1, USN-4129-2, VIGILANCE-VUL-30303
curl: use after free via FTP-KRB
An attacker can force the usage of a freed memory area via FTP-KRB of curl, in order to trigger a denial of service, and possibly to run code...
bulletinoct2020, cpuapr2020, cpuoct2020, CVE-2019-5481, DSA-4633-1, FEDORA-2019-9e6357d82f, FEDORA-2019-f2a520135e, openSUSE-SU-2019:2149-1, openSUSE-SU-2019:2169-1, RHSA-2020:1792-01, SSA:2019-254-01, SUSE-SU-2019:2373-1, SUSE-SU-2019:2381-1, USN-4129-1, USN-4129-2, VIGILANCE-VUL-30302
curl for Windows: privilege escalation via OpenSSL Engine Loading
An attacker can bypass restrictions via OpenSSL Engine Loading of curl for Windows, in order to escalate his privileges...
cpuoct2019, cpuoct2020, CVE-2019-5443, NTAP-20191017-0002, VIGILANCE-VUL-29603
curl: multiple vulnerabilities
An attacker can use several vulnerabilities of curl...
bulletinoct2020, cpuoct2019, cpuoct2020, CVE-2019-5435, CVE-2019-5436, DLA-1804-1, DSA-2019-117, DSA-2019-201, DSA-4633-1, FEDORA-2019-3f5b6f0f97, FEDORA-2019-697de0501f, openSUSE-SU-2019:1492-1, openSUSE-SU-2019:1508-1, RHSA-2020:1020-01, RHSA-2020:1792-01, RHSA-2020:2505-01, SSA:2019-142-01, SUSE-SU-2019:1357-1, SUSE-SU-2019:1357-2, SUSE-SU-2019:1363-1, SUSE-SU-2019:14064-1, USN-3993-1, USN-3993-2, VIGILANCE-VUL-29382
libcurl: out-of-bounds memory reading via SMTP End-of-Response
An attacker can force a read at an invalid address via SMTP End-of-Response of libcurl, in order to trigger a denial of service, or to obtain sensitive information...
bulletinjan2019, cpuapr2019, cpujul2019, CVE-2019-3823, DLA-1672-1, DSA-4386-1, FEDORA-2019-43489941ff, openSUSE-SU-2019:0173-1, openSUSE-SU-2019:0174-1, RHSA-2019:3701-01, SSA:2019-037-01, SUSE-SU-2019:0248-1, SUSE-SU-2019:0249-1, SUSE-SU-2019:0249-2, SUSE-SU-2019:0339-1, USN-3882-1, VIGILANCE-VUL-28445
libcurl: buffer overflow via NTLM Type-3
An attacker can trigger a buffer overflow via NTLM Type-3 of libcurl, in order to trigger a denial of service, and possibly to run code...
bulletinjan2019, bulletinoct2019, cpuapr2019, cpujul2019, CVE-2019-3822, DLA-1672-1, DSA-4386-1, FEDORA-2019-43489941ff, openSUSE-SU-2019:0173-1, openSUSE-SU-2019:0174-1, RHSA-2019:3701-01, SSA:2019-037-01, STORM-2019-002, SUSE-SU-2019:0248-1, SUSE-SU-2019:0249-1, SUSE-SU-2019:0249-2, SUSE-SU-2019:0339-1, USN-3882-1, VIGILANCE-VUL-28444
Our database contains other pages. You can request a free trial to read them.

Display information about cURL: