Search for packages
| purl | pkg:generic/curl.se/curl@7.65.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1dvu-a5gy-aaah
Aliases: CVE-2024-7264 |
libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used. |
Affected by 7 other vulnerabilities. |
|
VCID-21v4-npjs-aaap
Aliases: CVE-2022-27774 |
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. |
Affected by 38 other vulnerabilities. |
|
VCID-2wug-ez9w-aaae
Aliases: CVE-2019-5443 |
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants. |
Affected by 44 other vulnerabilities. |
|
VCID-2zq2-qsgf-aaaj
Aliases: CVE-2021-22898 |
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol. |
Affected by 45 other vulnerabilities. |
|
VCID-4cfn-n9zj-aaap
Aliases: CVE-2022-27775 |
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. |
Affected by 38 other vulnerabilities. |
|
VCID-5t39-fany-aaan
Aliases: CVE-2020-8177 |
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. |
Affected by 45 other vulnerabilities. |
|
VCID-61j5-aj1z-aaaq
Aliases: CVE-2021-22924 |
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. |
Affected by 40 other vulnerabilities. |
|
VCID-66xg-3bn3-aaaj
Aliases: CVE-2022-32208 |
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. |
Affected by 31 other vulnerabilities. |
|
VCID-6qjg-v45t-aaam
Aliases: CVE-2021-22925 |
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application. |
Affected by 40 other vulnerabilities. |
|
VCID-7j8d-dux3-aaaa
Aliases: CVE-2023-28320 |
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. |
Affected by 13 other vulnerabilities. |
|
VCID-7je1-vmpe-aaad
Aliases: CVE-2022-32221 |
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST. |
Affected by 27 other vulnerabilities. |
|
VCID-84jx-d3z4-aaag
Aliases: CVE-2023-27533 |
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system. |
Affected by 17 other vulnerabilities. |
|
VCID-8n1u-u1zp-aaac
Aliases: CVE-2019-5482 |
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. |
Affected by 44 other vulnerabilities. |
|
VCID-97mb-c19v-bqcx
Aliases: CVE-2025-0725 |
libcurl: Buffer Overflow in libcurl via zlib Integer Overflow |
Affected by 2 other vulnerabilities. |
|
VCID-9ee5-xkhm-aaad
Aliases: CVE-2021-22923 |
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened. |
Affected by 40 other vulnerabilities. |
|
VCID-9ndg-1sj3-aaab
Aliases: CVE-2020-8284 |
Affected by 43 other vulnerabilities. |
|
|
VCID-a5a7-essu-aaah
Aliases: CVE-2020-8286 |
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. |
Affected by 43 other vulnerabilities. |
|
VCID-b5rv-fyys-aaar
Aliases: CVE-2021-22926 |
libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake. |
Affected by 40 other vulnerabilities. |
|
VCID-d4pe-rmxp-aaak
Aliases: CVE-2022-43552 |
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path. |
Affected by 25 other vulnerabilities. |
|
VCID-dz47-c3tm-aaap
Aliases: CVE-2021-22890 |
Affected by 43 other vulnerabilities. |
|
|
VCID-eutp-u3c4-aaae
Aliases: CVE-2023-27536 |
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. |
Affected by 17 other vulnerabilities. |
|
VCID-gk8w-7smm-aaac
Aliases: CVE-2021-22947 |
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server. |
Affected by 37 other vulnerabilities. |
|
VCID-gvnm-3697-aaap
Aliases: CVE-2024-2398 |
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. |
Affected by 8 other vulnerabilities. |
|
VCID-gw9j-gggs-t7at
Aliases: CVE-2024-11053 |
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password. |
Affected by 5 other vulnerabilities. |
|
VCID-gwcj-g9n8-aaas
Aliases: CVE-2023-38546 |
This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a function call that duplicates en easy handle called [curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html). If a transfer has cookies enabled when the handle is duplicated, the cookie-enable state is also cloned - but without cloning the actual cookies. If the source handle did not read any cookies from a specific file on disk, the cloned version of the handle would instead store the file name as `none` (using the four ASCII letters, no quotes). Subsequent use of the cloned handle that does not explicitly set a source to load cookies from would then inadvertently load cookies from a file named `none` - if such a file exists and is readable in the current directory of the program using libcurl. And if using the correct file format of course. |
Affected by 10 other vulnerabilities. |
|
VCID-jd3p-qdc8-aaah
Aliases: CVE-2023-27534 |
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user. |
Affected by 17 other vulnerabilities. |
|
VCID-mjks-tkp5-aaar
Aliases: CVE-2021-22946 |
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network. |
Affected by 37 other vulnerabilities. |
|
VCID-naz1-7t8w-aaar
Aliases: CVE-2021-22922 |
When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk. |
Affected by 40 other vulnerabilities. |
|
VCID-nd5m-5pst-aaac
Aliases: CVE-2022-27782 |
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. |
Affected by 32 other vulnerabilities. |
|
VCID-ngzd-mupw-aaas
Aliases: CVE-2021-22897 |
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly. |
Affected by 45 other vulnerabilities. |
|
VCID-njss-xaxg-aaab
Aliases: CVE-2020-8231 |
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. |
Affected by 44 other vulnerabilities. |
|
VCID-nn2j-we1s-aaaa
Aliases: CVE-2020-8169 |
curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s). |
Affected by 45 other vulnerabilities. |
|
VCID-pjd5-rdfe-aaak
Aliases: CVE-2023-46218 |
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. |
Affected by 11 other vulnerabilities. |
|
VCID-ps8e-n9m2-aaar
Aliases: CVE-2022-35252 |
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings. |
Affected by 31 other vulnerabilities. |
|
VCID-pzhv-dhbt-aaan
Aliases: CVE-2023-27538 |
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. |
Affected by 17 other vulnerabilities. |
|
VCID-rhpa-297r-aaam
Aliases: CVE-2023-27535 |
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. |
Affected by 17 other vulnerabilities. |
|
VCID-spj8-2b9e-aaab
Aliases: CVE-2019-5481 |
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. |
Affected by 44 other vulnerabilities. |
|
VCID-sx32-s4fx-aaas
Aliases: CVE-2022-27781 |
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. |
Affected by 32 other vulnerabilities. |
|
VCID-uvwv-wpr9-aaas
Aliases: CVE-2023-28321 |
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. |
Affected by 13 other vulnerabilities. |
|
VCID-v19q-5qr6-aaaa
Aliases: CVE-2023-23916 |
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. |
Affected by 23 other vulnerabilities. |
|
VCID-vffj-n1n7-aaah
Aliases: CVE-2022-32206 |
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. |
Affected by 31 other vulnerabilities. |
|
VCID-w4x7-57vc-7yh7
Aliases: CVE-2024-8096 |
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate. |
Affected by 6 other vulnerabilities. |
|
VCID-w8yq-q8v2-aaaa
Aliases: CVE-2023-28322 |
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. |
Affected by 13 other vulnerabilities. |
|
VCID-wjdy-shr9-aaah
Aliases: CVE-2020-8285 |
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. |
Affected by 43 other vulnerabilities. |
|
VCID-wyw1-r84q-aaac
Aliases: CVE-2021-22876 |
Affected by 43 other vulnerabilities. |
|
|
VCID-yg55-qf39-aaak
Aliases: CVE-2022-27776 |
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. |
Affected by 38 other vulnerabilities. |
|
VCID-yp4n-q9qb-aaac
Aliases: CVE-2022-22576 |
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). |
Affected by 38 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-fth4-rgkf-aaam | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. |
CVE-2019-5436
|
| VCID-tbcz-fvgf-aaaq | An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1. |
CVE-2019-5435
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:43:16.083391+00:00 | Curl Importer | Affected by | VCID-97mb-c19v-bqcx | https://curl.se/docs/CVE-2025-0725.json | 36.0.0 |
| 2024-12-11T08:35:47.602157+00:00 | Curl Importer | Affected by | VCID-gw9j-gggs-t7at | https://curl.se/docs/CVE-2024-11053.json | 35.0.0 |
| 2024-09-18T09:29:05.921905+00:00 | Curl Importer | Fixing | VCID-tbcz-fvgf-aaaq | https://curl.se/docs/CVE-2019-5435.json | 34.0.1 |
| 2024-09-18T09:29:05.869647+00:00 | Curl Importer | Fixing | VCID-fth4-rgkf-aaam | https://curl.se/docs/CVE-2019-5436.json | 34.0.1 |
| 2024-09-18T09:29:05.439333+00:00 | Curl Importer | Affected by | VCID-2wug-ez9w-aaae | https://curl.se/docs/CVE-2019-5443.json | 34.0.1 |
| 2024-09-18T09:29:05.211424+00:00 | Curl Importer | Affected by | VCID-8n1u-u1zp-aaac | https://curl.se/docs/CVE-2019-5482.json | 34.0.1 |
| 2024-09-18T09:29:04.771243+00:00 | Curl Importer | Affected by | VCID-spj8-2b9e-aaab | https://curl.se/docs/CVE-2019-5481.json | 34.0.1 |
| 2024-09-18T09:29:04.586104+00:00 | Curl Importer | Affected by | VCID-nn2j-we1s-aaaa | https://curl.se/docs/CVE-2020-8169.json | 34.0.1 |
| 2024-09-18T09:29:04.485339+00:00 | Curl Importer | Affected by | VCID-5t39-fany-aaan | https://curl.se/docs/CVE-2020-8177.json | 34.0.1 |
| 2024-09-18T09:29:04.005966+00:00 | Curl Importer | Affected by | VCID-njss-xaxg-aaab | https://curl.se/docs/CVE-2020-8231.json | 34.0.1 |
| 2024-09-18T09:29:03.618146+00:00 | Curl Importer | Affected by | VCID-9ndg-1sj3-aaab | https://curl.se/docs/CVE-2020-8284.json | 34.0.1 |
| 2024-09-18T09:29:02.501006+00:00 | Curl Importer | Affected by | VCID-wjdy-shr9-aaah | https://curl.se/docs/CVE-2020-8285.json | 34.0.1 |
| 2024-09-18T09:29:01.984657+00:00 | Curl Importer | Affected by | VCID-a5a7-essu-aaah | https://curl.se/docs/CVE-2020-8286.json | 34.0.1 |
| 2024-09-18T09:29:01.663151+00:00 | Curl Importer | Affected by | VCID-wyw1-r84q-aaac | https://curl.se/docs/CVE-2021-22876.json | 34.0.1 |
| 2024-09-18T09:29:00.799508+00:00 | Curl Importer | Affected by | VCID-dz47-c3tm-aaap | https://curl.se/docs/CVE-2021-22890.json | 34.0.1 |
| 2024-09-18T09:29:00.656897+00:00 | Curl Importer | Affected by | VCID-ngzd-mupw-aaas | https://curl.se/docs/CVE-2021-22897.json | 34.0.1 |
| 2024-09-18T09:29:00.494569+00:00 | Curl Importer | Affected by | VCID-2zq2-qsgf-aaaj | https://curl.se/docs/CVE-2021-22898.json | 34.0.1 |
| 2024-09-18T09:28:59.608530+00:00 | Curl Importer | Affected by | VCID-naz1-7t8w-aaar | https://curl.se/docs/CVE-2021-22922.json | 34.0.1 |
| 2024-09-18T09:28:59.187393+00:00 | Curl Importer | Affected by | VCID-9ee5-xkhm-aaad | https://curl.se/docs/CVE-2021-22923.json | 34.0.1 |
| 2024-09-18T09:28:58.765922+00:00 | Curl Importer | Affected by | VCID-61j5-aj1z-aaaq | https://curl.se/docs/CVE-2021-22924.json | 34.0.1 |
| 2024-09-18T09:28:58.027279+00:00 | Curl Importer | Affected by | VCID-6qjg-v45t-aaam | https://curl.se/docs/CVE-2021-22925.json | 34.0.1 |
| 2024-09-18T09:28:57.183357+00:00 | Curl Importer | Affected by | VCID-b5rv-fyys-aaar | https://curl.se/docs/CVE-2021-22926.json | 34.0.1 |
| 2024-09-18T09:28:56.722072+00:00 | Curl Importer | Affected by | VCID-mjks-tkp5-aaar | https://curl.se/docs/CVE-2021-22946.json | 34.0.1 |
| 2024-09-18T09:28:56.222794+00:00 | Curl Importer | Affected by | VCID-gk8w-7smm-aaac | https://curl.se/docs/CVE-2021-22947.json | 34.0.1 |
| 2024-09-18T09:28:55.705126+00:00 | Curl Importer | Affected by | VCID-yp4n-q9qb-aaac | https://curl.se/docs/CVE-2022-22576.json | 34.0.1 |
| 2024-09-18T09:28:55.302398+00:00 | Curl Importer | Affected by | VCID-21v4-npjs-aaap | https://curl.se/docs/CVE-2022-27774.json | 34.0.1 |
| 2024-09-18T09:28:54.254879+00:00 | Curl Importer | Affected by | VCID-4cfn-n9zj-aaap | https://curl.se/docs/CVE-2022-27775.json | 34.0.1 |
| 2024-09-18T09:28:54.091358+00:00 | Curl Importer | Affected by | VCID-yg55-qf39-aaak | https://curl.se/docs/CVE-2022-27776.json | 34.0.1 |
| 2024-09-18T09:28:52.946176+00:00 | Curl Importer | Affected by | VCID-sx32-s4fx-aaas | https://curl.se/docs/CVE-2022-27781.json | 34.0.1 |
| 2024-09-18T09:28:52.552560+00:00 | Curl Importer | Affected by | VCID-nd5m-5pst-aaac | https://curl.se/docs/CVE-2022-27782.json | 34.0.1 |
| 2024-09-18T09:28:51.799835+00:00 | Curl Importer | Affected by | VCID-vffj-n1n7-aaah | https://curl.se/docs/CVE-2022-32206.json | 34.0.1 |
| 2024-09-18T09:28:51.440546+00:00 | Curl Importer | Affected by | VCID-66xg-3bn3-aaaj | https://curl.se/docs/CVE-2022-32208.json | 34.0.1 |
| 2024-09-18T09:28:50.799031+00:00 | Curl Importer | Affected by | VCID-ps8e-n9m2-aaar | https://curl.se/docs/CVE-2022-35252.json | 34.0.1 |
| 2024-09-18T09:28:49.652550+00:00 | Curl Importer | Affected by | VCID-7je1-vmpe-aaad | https://curl.se/docs/CVE-2022-32221.json | 34.0.1 |
| 2024-09-18T09:28:48.468206+00:00 | Curl Importer | Affected by | VCID-d4pe-rmxp-aaak | https://curl.se/docs/CVE-2022-43552.json | 34.0.1 |
| 2024-09-18T09:28:47.643624+00:00 | Curl Importer | Affected by | VCID-v19q-5qr6-aaaa | https://curl.se/docs/CVE-2023-23916.json | 34.0.1 |
| 2024-09-18T09:28:47.381905+00:00 | Curl Importer | Affected by | VCID-84jx-d3z4-aaag | https://curl.se/docs/CVE-2023-27533.json | 34.0.1 |
| 2024-09-18T09:28:46.462479+00:00 | Curl Importer | Affected by | VCID-jd3p-qdc8-aaah | https://curl.se/docs/CVE-2023-27534.json | 34.0.1 |
| 2024-09-18T09:28:45.809896+00:00 | Curl Importer | Affected by | VCID-rhpa-297r-aaam | https://curl.se/docs/CVE-2023-27535.json | 34.0.1 |
| 2024-09-18T09:28:45.059632+00:00 | Curl Importer | Affected by | VCID-eutp-u3c4-aaae | https://curl.se/docs/CVE-2023-27536.json | 34.0.1 |
| 2024-09-18T09:28:44.492292+00:00 | Curl Importer | Affected by | VCID-pzhv-dhbt-aaan | https://curl.se/docs/CVE-2023-27538.json | 34.0.1 |
| 2024-09-18T09:28:43.689557+00:00 | Curl Importer | Affected by | VCID-7j8d-dux3-aaaa | https://curl.se/docs/CVE-2023-28320.json | 34.0.1 |
| 2024-09-18T09:28:42.816061+00:00 | Curl Importer | Affected by | VCID-uvwv-wpr9-aaas | https://curl.se/docs/CVE-2023-28321.json | 34.0.1 |
| 2024-09-18T09:28:42.021889+00:00 | Curl Importer | Affected by | VCID-w8yq-q8v2-aaaa | https://curl.se/docs/CVE-2023-28322.json | 34.0.1 |
| 2024-09-18T09:28:40.799880+00:00 | Curl Importer | Affected by | VCID-gwcj-g9n8-aaas | https://curl.se/docs/CVE-2023-38546.json | 34.0.1 |
| 2024-09-18T09:28:39.784213+00:00 | Curl Importer | Affected by | VCID-pjd5-rdfe-aaak | https://curl.se/docs/CVE-2023-46218.json | 34.0.1 |
| 2024-09-18T09:28:39.074982+00:00 | Curl Importer | Affected by | VCID-gvnm-3697-aaap | https://curl.se/docs/CVE-2024-2398.json | 34.0.1 |
| 2024-09-18T09:28:38.498072+00:00 | Curl Importer | Affected by | VCID-1dvu-a5gy-aaah | https://curl.se/docs/CVE-2024-7264.json | 34.0.1 |
| 2024-09-18T09:28:37.884832+00:00 | Curl Importer | Affected by | VCID-w4x7-57vc-7yh7 | https://curl.se/docs/CVE-2024-8096.json | 34.0.1 |