Known Vulnerabilities for Curl by Haxx
Listed below are 10 of the newest known vulnerabilities associated with "Curl" by "Haxx".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-15612 | Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--in... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2022-22623 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-03-18 | 2023-11-07 |
| CVE-2022-22576 | An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authent... | 8.1 - HIGH | 2022-05-26 | 2024-03-27 |
| CVE-2021-22946 | A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP ser... | 7.5 - HIGH | 2021-09-29 | 2024-03-27 |
| CVE-2021-22926 | libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT... | 7.5 - HIGH | 2021-08-05 | 2024-03-27 |
| CVE-2021-22925 | curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to se... | 5.3 - MEDIUM | 2021-08-05 | 2024-03-27 |
| CVE-2021-22923 | When curl is instructed to get content using the metalink feature, and a user name and password are used to download the meta... | 5.3 - MEDIUM | 2021-08-05 | 2024-03-27 |
| CVE-2021-22922 | When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in th... | 6.5 - MEDIUM | 2021-08-05 | 2024-03-27 |
| CVE-2021-22901 | curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TL... | 8.1 - HIGH | 2021-06-11 | 2024-03-27 |
| CVE-2021-22898 | curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPT... | 3.1 - LOW | 2021-06-11 | 2024-03-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Haxx | Curl | 7.9.8 | All | All | All |
| Application | Haxx | Curl | 7.9.7 | All | All | All |
| Application | Haxx | Curl | 7.9.6 | All | All | All |
| Application | Haxx | Curl | 7.9.5 | All | All | All |
| Application | Haxx | Curl | 7.9.4 | All | All | All |
| Application | Haxx | Curl | 7.9.3 | All | All | All |
| Application | Haxx | Curl | 7.9.2 | All | All | All |
| Application | Haxx | Curl | 7.9.1 | All | All | All |
| Application | Haxx | Curl | 7.9 | All | All | All |
| Application | Haxx | Curl | 7.8.1 | All | All | All |
| Application | Haxx | Curl | 7.8 | All | All | All |
| Application | Haxx | Curl | 7.74.0 | All | All | All |
| Application | Haxx | Curl | 7.73.0 | All | All | All |
| Application | Haxx | Curl | 7.72.0 | All | All | All |
| Application | Haxx | Curl | 7.71.1 | All | All | All |
| Application | Haxx | Curl | 7.71.0 | All | All | All |
| Application | Haxx | Curl | 7.70.0 | All | All | All |
| Application | Haxx | Curl | 7.7.3 | All | All | All |
| Application | Haxx | Curl | 7.7.2 | All | All | All |
| Application | Haxx | Curl | 7.7.1 | All | All | All |