CVSS: 9.1EPSS: 4%CPEs: 35EXPL: 0CVE-2010-0734 – curl: zlib-compression causes curl to pass more than CURL_MAX_WRITE_SIZE bytes to write callback
https://notcve.org/view.php?id=CVE-2010-0734
19 Mar 2010 — content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit. content_encoding.c en libcurl v7.10.5 hasta v7.19.7, cuando zlib está habilitado, no restringe adecuada... • http://curl.haxx.se/docs/adv_20100209.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 74EXPL: 0CVE-2009-2417 – curl: incorrect verification of SSL certificate with NUL in name
https://notcve.org/view.php?id=CVE-2009-2417
14 Aug 2009 — lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. lib/ssluse.c en cURL y libcurl v7.4 hasta v7.19.5, cuando se usa OpenSSL, no maneja de forma aecuada el caracter '\0' en un nombre de... • http://curl.haxx.se/CVE-2009-2417/curl-7.10.6-CVE-2009-2417.patch • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 1%CPEs: 80EXPL: 3CVE-2009-0037 – cURL/libcURL 7.19.3 - HTTP 'Location:' Redirect Security Bypass
https://notcve.org/view.php?id=CVE-2009-0037
03 Mar 2009 — The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL. La implementación de redirección en curl y libcurl v5.11 hasta v7.19.3, cuando CURLOPT_FOLLOWLOCATION esta activado, acepta valores de locali... • https://packetstorm.news/files/id/75344 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 4%CPEs: 3EXPL: 0CVE-2005-3185 – iDEFENSE Security Advisory 2005-10-13.2
https://notcve.org/view.php?id=CVE-2005-3185
13 Oct 2005 — Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username. Remote exploitation of a buffer overflow vulnerability in multiple vendor's implementations of curl and wget allows attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on use... • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •