curl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Special Element Injection	<0:7.61.1-12.105.amzn1
M Allocation of Resources Without Limits or Throttling	<0:7.61.1-12.104.amzn1
M Directory Traversal	<0:7.61.1-12.104.amzn1
M Authentication Bypass by Primary Weakness	<0:7.61.1-12.105.amzn1
M Use After Free	<0:7.61.1-12.104.amzn1
M Authentication Bypass by Primary Weakness	<0:7.61.1-12.105.amzn1
M Insufficiently Protected Credentials	<0:7.61.1-12.101.amzn1
M Improper Validation of Syntactic Correctness of Input	<0:7.61.1-12.101.amzn1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:7.61.1-12.101.amzn1
M Improper Authentication	<0:7.61.1-12.101.amzn1
M Insufficiently Protected Credentials	<0:7.61.1-12.101.amzn1
M Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<0:7.61.1-12.101.amzn1
M Allocation of Resources Without Limits or Throttling	<0:7.61.1-12.101.amzn1
M Improper Certificate Validation	<0:7.61.1-12.101.amzn1
M Insufficient Verification of Data Authenticity	<0:7.61.1-12.100.amzn1
M Cleartext Transmission of Sensitive Information	<0:7.61.1-12.100.amzn1
M Use of Incorrectly-Resolved Name or Reference	<0:7.61.1-12.99.amzn1
M Missing Initialization of Resource	<0:7.61.1-12.98.amzn1
M Information Exposure	<0:7.61.1-12.98.amzn1
L Use After Free	<0:7.61.1-12.95.amzn1
M Arbitrary Code Injection	<0:7.61.1-12.94.amzn1
M Double Free	<0:7.61.1-12.93.amzn1
M Buffer Overflow	<0:7.61.1-12.93.amzn1
L Out-of-bounds Write	<0:7.61.1-11.91.amzn1
L Integer Overflow or Wraparound	<0:7.61.1-11.91.amzn1
L Out-of-bounds Read	<0:7.53.1-16.86.amzn1
M Information Exposure	<0:7.61.1-7.91.amzn1
M Out-of-bounds Write	<0:7.61.1-7.91.amzn1
L Use After Free	<0:7.53.1-16.86.amzn1
L Out-of-Bounds	<0:7.53.1-16.86.amzn1
L Integer Overflow or Wraparound	<0:7.53.1-16.85.amzn1
M NULL Pointer Dereference	<0:7.53.1-16.84.amzn1
M Out-of-bounds Write	<0:7.53.1-16.84.amzn1
M Out-of-bounds Read	<0:7.53.1-16.84.amzn1
H CVE-2018-1000007	<0:7.53.1-14.81.amzn1
H Out-of-bounds Read	<0:7.53.1-14.81.amzn1
M Out-of-bounds Read	<0:7.53.1-13.80.amzn1
M Integer Overflow or Wraparound	<0:7.53.1-13.80.amzn1
M Out-of-Bounds	<0:7.53.1-11.78.amzn1
M Out-of-Bounds	<0:7.53.1-12.79.amzn1
M Out-of-Bounds	<0:7.51.0-9.75.amzn1
M Information Exposure	<0:7.51.0-9.75.amzn1
M Information Exposure	<0:7.51.0-9.75.amzn1
L Out-of-Bounds	<0:7.51.0-6.74.amzn1
L Heap-based Buffer Overflow	<0:7.47.1-9.70.amzn1
M Resource Injection	<0:7.47.1-9.66.amzn1
M Use After Free	<0:7.47.1-9.66.amzn1
M Out-of-bounds Write	<0:7.47.1-9.66.amzn1
M Double Free	<0:7.47.1-9.66.amzn1
M Double Free	<0:7.47.1-9.66.amzn1
M Improper Input Validation	<0:7.47.1-9.66.amzn1
M Buffer Overflow	<0:7.47.1-9.66.amzn1
M Credentials Management	<0:7.47.1-9.66.amzn1
M Out-of-bounds Read	<0:7.47.1-9.66.amzn1
M Out-of-bounds Write	<0:7.47.1-9.66.amzn1
L Improper Authentication	<0:7.47.1-8.65.amzn1
L Integer Overflow or Wraparound	<0:7.47.1-8.65.amzn1
M Use After Free	<0:7.40.0-8.59.amzn1
M Improper Authorization	<0:7.40.0-8.59.amzn1
M Cryptographic Issues	<0:7.40.0-8.59.amzn1
L Improper Authentication	<0:7.40.0-8.54.amzn1
M Improper Input Validation	<0:7.40.0-3.51.amzn1
M Information Exposure	<0:7.40.0-3.51.amzn1
M Out-of-Bounds	<0:7.40.0-3.50.amzn1
M Out-of-Bounds	<0:7.40.0-3.50.amzn1
M Access Restriction Bypass	<0:7.40.0-3.50.amzn1
M Improper Access Control	<0:7.40.0-3.50.amzn1
M CVE-2014-8150	<0:7.40.0-1.49.amzn1
M Information Exposure	<0:7.40.0-1.49.amzn1
M Cryptographic Issues	<0:7.38.0-1.46.amzn1
M Cryptographic Issues	<0:7.38.0-1.46.amzn1
M Improper Authentication	<0:7.36.0-2.44.amzn1
M Improper Authentication	<0:7.35.0-2.42.amzn1
M Information Exposure	<0:7.27.0-11.34.amzn1