| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-1000254 | 5.0 |
libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the `PWD` command. The server then responds with
|
29-06-2021 - 15:15 | 06-10-2017 - 13:29 | |
| CVE-2017-8817 | 7.5 |
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
|
13-11-2018 - 11:29 | 29-11-2017 - 18:29 | |
| CVE-2017-8816 | 7.5 |
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via
|
13-11-2018 - 11:29 | 29-11-2017 - 18:29 | |
| CVE-2017-1000257 | 6.4 |
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. l
|
13-11-2018 - 11:29 | 31-10-2017 - 21:29 | |
| CVE-2017-8818 | 7.5 |
curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL li
|
20-12-2017 - 20:56 | 29-11-2017 - 18:29 |