Vulnerabilities > Haxx
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-31 | CVE-2018-16840 | Use After Free vulnerability in multiple products A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. | 7.5 |
2018-10-31 | CVE-2018-16839 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. | 9.8 |
2018-09-05 | CVE-2018-14618 | Integer Overflow or Wraparound vulnerability in multiple products curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. | 10.0 |
2018-08-23 | CVE-2003-1605 | Credentials Management vulnerability in Haxx Curl curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server. | 5.0 |
2018-08-01 | CVE-2016-8625 | Improper Input Validation vulnerability in Haxx Curl curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host. | 7.5 |
2018-08-01 | CVE-2016-8623 | Use After Free vulnerability in Haxx Curl A flaw was found in curl before version 7.51.0. | 7.5 |
2018-08-01 | CVE-2016-8620 | Integer Overflow or Wraparound vulnerability in Haxx Curl The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | 9.8 |
2018-08-01 | CVE-2016-8619 | Double Free vulnerability in Haxx Curl The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. | 9.8 |
2018-08-01 | CVE-2016-8616 | Credentials Management vulnerability in Haxx Curl A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. | 5.9 |
2018-08-01 | CVE-2016-8615 | Resource Injection vulnerability in Haxx Curl A flaw was found in curl before version 7.51. | 7.5 |