Filter
Software
IBM Cognos AnalyticsASN.1 date parser overread
6.5
EPSS
0.06%
First published (updated )
debian/curlHSTS subdomain overwrites parent cache entry
6.5
EPSS
0.05%
First published (updated )
ubuntu/curlCurl and libcurl CVE-2023-38545 and CVE-2023-38546 vulnerabilities
3.7
First published (updated )
Microsoft Windows 11freeing stack buffer in utf8asn1str
8.8
EPSS
0.04%
First published (updated )
redhat/jbcs-httpd24-curlcurl. Multiple issues were addressed by updating curl.
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk Universal ForwarderA insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authenticati…
6.5
First published (updated )
Splunk Universal Forwardercurl. Multiple issues were addressed by updating to curl version 7.86.0.
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/curlA flaw was found in curl in the way curl handles credentials when downloading content using the Meta…
5.7
First published (updated )
Apple Mac OS Xcurl. This issue was addressed with improved checks.
7.5
First published (updated )
Microsoft Windows 10Curl and libcurl CVE-2023-38545 and CVE-2023-38546 vulnerabilities
9.8
EPSS
0.18%
First published (updated )
Fedoraproject FedoraA flaw was found in the way libcurl handled TLS 1.3 session tickets. A malicious HTTPS proxy could p…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Haxx Libcurlmacidn punycode buffer overread
4.3
EPSS
0.04%
First published (updated )
redhat/curlcurl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has…
7.5
First published (updated )
redhat/curlcurl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Google Nest Mini FirmwareThe libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest producti…
5.9
First published (updated )
Haxx Curlcurl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.
7.5
First published (updated )
Haxx CurlThe verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built …
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu LinuxThe Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in c…
4.3
First published (updated )
Haxx CurlcURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.