curl - HackerOne Reports
Total Reports: 247 | Critical: 13 | High: 47 | Medium: 82 | Low: 64

Stack-based Buffer Overflow in TELNET NEW_ENV Option Handling
Reported by: agent_0 | Disclosed: | Severity: High | Weakness: Stack Overflow

Cache purge requests are not authenticated
Reported by: dhananjay09 | Disclosed: | Severity: Medium | Weakness: Business Logic Errors

Buffer Overflow Vulnerability in strcpy() Leading to Remote Code Execution
Reported by: lostnotfound123 | Disclosed: | Severity: Critical | Weakness: Classic Buffer Overflow

`Curl_socketpair()` fallback vulnerable to man-in-the-middle attack
Reported by: jmanojlovich | Disclosed: | Weakness: Man-in-the-Middle | CVEs: CVE-2024-3219

CVE-2022-42916: HSTS bypass via IDN
Reported by: kurohiro | Disclosed: | Severity: Medium | Weakness: Cleartext Transmission of Sensitive Information

CVE-2023-46219: HSTS long file name clears contents
Reported by: cxshakal | Disclosed: | Severity: Low | Weakness: Missing Encryption of Sensitive Data

CVE-2023-23915: HSTS amnesia with --parallel
Reported by: nyymi | Disclosed: | Severity: Low | Weakness: Cleartext Transmission of Sensitive Information

NULL Pointer dereference in idn.c
Reported by: s0urc3_ | Disclosed: | Severity: Critical | Weakness: NULL Pointer Dereference

libcurl: SMTP end-of-response out-of-bounds read - CVE-2019-3823
Reported by: geeknik | Disclosed: | Severity: High | Weakness: Heap Overflow | CVEs: CVE-2019-3823

CVE-2023-46218: cookie mixed case PSL bypass
Reported by: nyymi | Disclosed: | Severity: Medium | Weakness: Information Exposure Through Sent Data

Double Free Vulnerability in `libcurl` Cookie Management (`cookie.c`)
Reported by: tannicarcher | Disclosed: | Weakness: Double Free

CVE-2025-5399: WebSocket endless loop
Reported by: z2_ | Disclosed: | Severity: Low | Weakness: Loop with Unreachable Exit Condition ('Infinite Loop')

OS Command Injection (subprocess Module Usage)
Reported by: bulter | Disclosed: | Severity: Low | Weakness: OS Command Injection

CVE-2023-28320: siglongjmp race condition
Reported by: nyymi | Disclosed: | Severity: Low | Weakness: Improper Synchronization

curl overwrites local file with -J option if file non-readable, but file writable.
Reported by: brumbrum | Disclosed: | Severity: Medium | Weakness: Improper Handling of Insufficient Permissions or Privileges | CVEs: CVE-2020-8177

CVE-2019-5481: krb5: double-free in read_data() after realloc() fail
Reported by: thomas_v | Disclosed: | Severity: Medium | Weakness: Double Free

CVE-2025-5025: No QUIC certificate pinning with wolfSSL
Reported by: kurohiro | Disclosed: | Severity: Medium | Weakness: Improper Certificate Validation

CVE-2022-43551: Another HSTS bypass via IDN
Reported by: kurohiro | Disclosed: | Severity: Medium | Weakness: Cleartext Transmission of Sensitive Information | CVEs: CVE-2022-42916

CVE-2022-35252: control code in cookie denial of service
Reported by: haxatron1 | Disclosed: | Severity: Low | Weakness: Improper Input Validation

CVE-2022-27782: TLS and SSH connection too eager reuse
Reported by: nyymi | Disclosed: | Severity: Medium | Weakness: Business Logic Errors