Vulnerabilities > Haxx > Libcurl > 7.50.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-05 | CVE-2017-1000100 | Information Exposure vulnerability in Haxx Libcurl When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. | 4.3 |
2016-10-07 | CVE-2016-7167 | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow. | 9.8 |