| Max CVSS | 9.3 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-3822 | 7.5 |
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents
|
15-06-2021 - 16:45 | 06-02-2019 - 20:29 | |
| CVE-2019-3823 | 5.0 |
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed n
|
09-03-2021 - 15:15 | 06-02-2019 - 20:29 | |
| CVE-2018-16890 | 5.0 |
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subjec
|
18-09-2020 - 16:33 | 06-02-2019 - 20:29 | |
| CVE-2019-3462 | 9.3 |
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
|
24-08-2020 - 17:37 | 28-01-2019 - 21:29 | |
| CVE-2018-16839 | 7.5 |
Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.
|
09-10-2019 - 23:36 | 31-10-2018 - 18:29 |