CVSS: 6.3EPSS: 1%CPEs: 1EXPL: 0CVE-2024-2379 – QUIC certificate check bypass with wolfSSL
https://notcve.org/view.php?id=CVE-2024-2379
27 Mar 2024 — libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems. libcurl omite la verificación del certificado para una conexión QUIC bajo ciertas condiciones, cuando está diseñado para usar wolfSSL. Si se le indica que utilice un cifrado o curva desconocido/incorrecto, la ruta de error omite accidentalm... • http://www.openwall.com/lists/oss-security/2024/03/27/2 • CWE-295: Improper Certificate Validation •
CVSS: 5.3EPSS: 1%CPEs: 16EXPL: 0CVE-2024-2004 – Usage of disabled protocol
https://notcve.org/view.php?id=CVE-2024-2004
27 Mar 2024 — When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and th... • http://www.openwall.com/lists/oss-security/2024/03/27/1 • CWE-115: Misinterpretation of Input CWE-436: Interpretation Conflict •
CVSS: 9.0EPSS: 10%CPEs: 77EXPL: 0CVE-2024-2398 – HTTP/2 push headers memory-leak
https://notcve.org/view.php?id=CVE-2024-2398
27 Mar 2024 — When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. Cuando una aplicación le dice a libcurl que quiere permitir la inserción del servidor HTTP/2 y la... • http://www.openwall.com/lists/oss-security/2024/03/27/3 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.4EPSS: 8%CPEs: 6EXPL: 1CVE-2021-30134
https://notcve.org/view.php?id=CVE-2021-30134
26 Dec 2022 — php-mod/curl (a wrapper of the PHP cURL extension) before 2.3.2 allows XSS via the post_file_path_upload.php key parameter and the POST data to post_multidimensional.php. php-mod/curl (un contenedor de la extensión PHP cURL) anterior a 2.3.2 permite XSS a través del parámetro clave post_file_path_upload.php y los datos POST en post_multidimensional.php. • https://wpscan.com/vulnerability/0b547728-27d2-402e-ae17-90d539344ec7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2013-2617
https://notcve.org/view.php?id=CVE-2013-2617
20 Mar 2013 — lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. lib/curl.rb en el Curl Gem para Ruby permite atacantes remotos ejecutar código arbitrario a través de metacaracteres shell en una URL. • http://packetstormsecurity.com/files/120778/Ruby-Gem-Curl-Command-Execution.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 7%CPEs: 26EXPL: 0CVE-2012-0036
https://notcve.org/view.php?id=CVE-2012-0036
13 Apr 2012 — curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol. curl y libcurl v7.2x anteriores v7.24.0 no consideran de forma adecuada los caracteres especiales cuando extraen una ruta de un fichero de una URL, lo que permite a atacantes remotos realizar ataques de injección ... • http://curl.haxx.se/curl-url-sanitize.patch • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3842
https://notcve.org/view.php?id=CVE-2010-3842
27 Oct 2010 — Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \ (backslash) as a separator of path components within the Content-disposition HTTP header. Vulnerabilidad de salto de directorio absoluto en curl v7.20.0 hasta v7.21.1, cuando se utiliza la opción --remote-header-name o -J, permite a los servidores remotos crear o sobreescribir archivos arbitrarios mediante el uso de \... • http://curl.haxx.se/docs/adv_20101013.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 80EXPL: 2CVE-2009-0037 – cURL/libcURL 7.19.3 - HTTP 'Location:' Redirect Security Bypass
https://notcve.org/view.php?id=CVE-2009-0037
05 Mar 2009 — The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL. La implementación de redirección en curl y libcurl v5.11 hasta v7.19.3, cuando CURLOPT_FOLLOWLOCATION esta activado, acepta valores de locali... • https://www.exploit-db.com/exploits/32834 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 5%CPEs: 3EXPL: 0CVE-2005-3185
https://notcve.org/view.php?id=CVE-2005-3185
13 Oct 2005 — Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •