Filter

Versions

7.20.0
13
7.33.0
13
7.14.1
11
7.31.0
11
7.32.0
11
7.12.1
10
7.12.3
10
7.13.2
10
7.15.1
10
7.15.2
10
7.21.0
10
7.27.0
10
7.30.0
10
7.34.0
10
7.35.0
10
7.10.6
9
7.12.2
9
7.13.1
9
7.15.3
9
7.16.3
9
7.18.0
9
7.19.3
9
7.19.4
9
7.21.1
9
7.23.1
9
7.10.7
8
7.10.8
8
7.11.1
8
7.11.2
8
7.18.1
8
7.18.2
8
7.19.0
8
7.19.1
8
7.19.2
8
7.19.5
8
7.19.7
8
7.20.1
8
7.21.2
8
7.21.3
8
7.21.4
8
7.21.5
8
7.21.6
8
7.21.7
8
7.22.0
8
7.23.0
8
7.28.0
8
7.28.1
8
7.29.0
8
7.40.0
8
7.41.0
8
7.11.0
7
7.12.0
7
7.16.4
7
7.17.0
7
7.17.1
7
7.19.6
7
7.24.0
7
7.25.0
7
7.26.0
7
7.36.0
7
7.37.1
7
7.15.0
6
7.37.0
6
7.38.0
6
7.39.0
6
7.13.0
5
7.14
5
7.14.0
5
7.15
5
7.15.4
5
7.15.5
5
7.16.0
5
7.16.1
5
7.16.2
5
7.42.0
5
7.46.0
5
7.77.0
5
7.12
4
7.13
4
7.42.1
4
7.7
4
7.82.0
4
7.1
3
7.10.5
3
7.4
3
7.4.1
3
7.51.0
3
7.54.1
3
7.56.1
3
7.58.0
3
7.59.0
3
7.61.1
3
7.76.1
3
7.84.0
3
6.0
2
6.1beta
2
6.3
2
6.4
2
6.5
2
6.5.1
2
6.5.2
2
7.1.1
2
7.10
2
7.10.1
2
7.10.2
2
7.10.3
2
7.10.4
2
7.2
2
7.2.1
2
7.3
2
7.4.2
2
7.43.0
2
7.44.0
2
7.45.0
2
7.47.0
2
7.48.0
2
7.49.0
2
7.5
2
7.5.1
2
7.5.2
2
7.52.0
2
7.53.1
2
7.54.0
2
7.57.0
2
7.6
2
7.6.1
2
7.62.0
2
7.65.3
2
7.69.0
2
7.7.1
2
7.7.2
2
7.7.3
2
7.70.0
2
7.8
2
7.8.1
2
7.9
2
7.9.1
2
7.9.2
2
7.9.3
2
7.9.5
2
7.9.6
2
7.9.7
2
7.9.8
2
8.4.0
2
8.5.0
2
4.9
1
5.11
1
6.1
1
6.2
1
6.3.1
1
7.0.0
1
7.1.0
1
7.17
1
7.18
1
7.47.1
1
7.49.1
1
7.50.0
1
7.50.1
1
7.50.2
1
7.50.3
1
7.52.1
1
7.53.0
1
7.55.0
1
7.56.0
1
7.60.0
1
7.61.0
1
7.64.1
1
7.65.0
1
7.65.1
1
7.65.2
1
7.71.0
1
7.73.0
1
7.74.0
1
7.75.0
1
7.8.2
1
7.80.0
1
7.83.0
1
7.88.1
1
7.881
1
7.9.4
1
8.0.0
1
8.1.0
1
8.2.0
1
8.3.0
1

[SECURITY ADVISORY] curl: CVE-2025-0725: gzip integer overflow

First published (updated )
https://seclists.org/oss-sec/2025/q1/108

[SECURITY ADVISORY] curl: CVE-2025-0725: gzip integer overflow

First published (updated )
https://seclists.org/oss-sec/2025/q1/110

[SECURITY ADVISORY] curl: CVE-2025-0665: eventfd double close

First published (updated )
https://seclists.org/oss-sec/2025/q1/103

Curl SSH Insufficient Host Identity Verification

First published (updated )
https://seclists.org/oss-sec/2025/q1/102

Curlgzip integer overflow

high
7.3
First published (updated )
CVE-2025-0725

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Curleventfd double close

critical
9.8
First published (updated )
CVE-2025-0665

Curlnetrc and default credential leak

low
3.4
First published (updated )
CVE-2025-0167

[SECURITY ADVISORY] curl: CVE-2025-0725: gzip integer overflow

First published (updated )
https://seclists.org/oss-sec/2025/q1/101

[SECURITY ADVISORY] curl: CVE-2025-0665: eventfd double close

First published (updated )
https://seclists.org/oss-sec/2025/q1/100

[SECURITY ADVISORY] curl: CVE-2025-0167: netrc and default cdential leak

First published (updated )
https://seclists.org/oss-sec/2025/q1/99

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

[SECURITY ADVISORY] curl: CVE-2024-11053: netrc and dict cdential leak

First published (updated )
https://seclists.org/oss-sec/2024/q4/150

CurlWhen asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak t…

low
1
First published (updated )
REDHAT-BUG-2331191

debian/curlHSTS subdomain overwrites parent cache entry

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2024-9681

[SECURITY ADVISTORY] curl: CVE-2024-9681 HSTS subdomain overwrites pant cache entry

First published (updated )
https://seclists.org/oss-sec/2024/q4/57

[SECURITY ADVISORY] curl: CVE-2024-8096: OCSP stapling bypass with GnuTLS

First published (updated )
https://seclists.org/oss-sec/2024/q3/257

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

[SECURITY ADVISORY] curl: CVE-2024-7264 ASN.1 date parser overad

First published (updated )
https://seclists.org/oss-sec/2024/q3/126

Curllibcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Tim…

low
1
First published (updated )
REDHAT-BUG-2301888

[SECURITY ADVISORY] curl: CVE-2024-6197: feing stack buffer in utf8asn1str

First published (updated )
https://seclists.org/oss-sec/2024/q3/111

[SECURITY ADVISORY] curl: CVE-2024-6874: macidn punycode buffer overad

First published (updated )
https://seclists.org/oss-sec/2024/q3/108

[SECURITY ADVISORY] curl: CVE-2024-6197: feing stack buffer in utf8asn1str

First published (updated )
https://seclists.org/oss-sec/2024/q3/107

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

[SECURITY ADVISORY] curl: CVE-2024-2466: TLS certificate check bypass with mbedTLS

First published (updated )
https://seclists.org/oss-sec/2024/q1/256

[SECURITY ADVISORY] curl: CVE-2024-2398: HTTP/2 push headers memory-leak

First published (updated )
https://seclists.org/oss-sec/2024/q1/255

[SECURITY ADVISORY] curl: CVE-2024-2379: QUIC certificate check bypass with wolfSSL

First published (updated )
https://seclists.org/oss-sec/2024/q1/254

[SECURITY ADVISORY] curl: CVE-2024-2004: Usage of disabled protocol

First published (updated )
https://seclists.org/oss-sec/2024/q1/253

CurlOCSP verification bypass with TLS session reuse

medium
5.9
First published (updated )
CVE-2024-0853

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

[SECURITY ADVISORY] curl: CVE-2024-0853 : OCSP verification bypass with TLS session reuse

First published (updated )
https://seclists.org/oss-sec/2024/q1/73

CurlOut-of-bounds Read, Buffer Overflow

critical
9.8
First published (updated )
CVE-2023-52071

[SECURITY ADVISORY] curl: HSTS long file name clears contents

First published (updated )
https://seclists.org/oss-sec/2023/q4/262

[SECURITY ADVISORY] curl: cookie mixed case PSL bypass

First published (updated )
https://seclists.org/oss-sec/2023/q4/261

redhat/curlLast updated 24 July 2024

medium
5.3
First published (updated )
CVE-2023-46219

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203