Max CVSS 6.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2013-2174 6.8
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string endi
22-04-2019 - 17:48 31-07-2013 - 13:20
CVE-2011-2192 4.3
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSS
05-01-2018 - 02:29 07-07-2011 - 21:55
CVE-2013-1944 5.0
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. Per
09-09-2016 - 01:59 29-04-2013 - 22:55
Back to Top Mark selected
Back to Top