curl 7.1

Status EOLSupport 2000-08 – 2000-08Latest 7.1.0Vulnerabilities 22← All curl versions
Critical 9.8 Unfixed
2018-03-12≤ 7.1.1

curl: negotiate not treated as connection-oriented (incomplete fix for CVE-2015-3148)

CVE
Critical 9.8
2020-02-21≤ 7.1.1

CVE
Critical 9.8
2018-01-24≤ 7.1.1

curl: HTTP authentication leak in redirects

CVE
High 7.5
2018-08-23≤ 7.1.1

CVE
Medium 6.8
2009-03-05≤ 7.1.1

curl: local file access via unsafe redirects

CVE
Medium 6.5
2022-06-01≤ 7.1.1

curl: auth/cookie leak on redirect

CVE
Medium 5.9
2018-04-23≤ 7.1.1

curl: printf floating point buffer overflow

CVE
Medium 5.7
2022-06-01≤ 7.1.1

curl: credential leak on redirect

CVE
Medium 5.3
2016-01-29≤ 7.1.1

CVE
Medium 5.3
2018-07-31≤ 7.1.1

curl: Invalid URL parsing with '#'

CVE
Medium 5.3
2018-07-31≤ 7.1.1

curl: Double-free in curl_maprintf

CVE
Medium 5.3
2018-08-01≤ 7.1.1

curl: Cookie injection for other servers

CVE
Medium 5.0
2013-04-29≤ 7.1.1

curl: Cookie domain suffix match vulnerability

CVE
Medium 5.0
2014-11-18≤ 7.1.1

curl: incorrect handling of IP addresses in cookie domain

CVE
Medium 5.0
2015-05-01≤ 7.1.1

curl: sensitive HTTP server headers also sent to proxies

CVE
Low 3.7
2020-12-14≤ 7.1.1

curl: FTP PASV command response can cause curl to connect to arbitrary host

CVE
Low 3.7
2022-09-23≤ 7.1.1

curl: Incorrect handling of control code characters in cookies

CVE
Low 2.4
2017-04-03≤ 7.1.1

curl: --write-out out of bounds read

CVE
N/A
2001-01-22≤ 7.1.1

CVE
N/A
2015-01-15≤ 7.1.1

CVE
N/A
2016-08-10≤ 7.1.1

CVE
N/A
2021-04-01≥ 7.1.1

CVE