Known Vulnerabilities for products from Curl
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Curl".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41064 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-40089 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-34428 json | Not Provided | 2026-04-20 | 2026-04-20 | |
| CVE-2026-34160 json | Not Provided | 2026-04-14 | 2026-04-15 | |
| CVE-2026-33752 json | Not Provided | 2026-04-06 | 2026-04-06 | |
| CVE-2026-33659 json | Not Provided | 2026-04-13 | 2026-04-14 | |
| CVE-2026-33534 json | Not Provided | 2026-04-13 | 2026-04-14 | |
| CVE-2025-15612 json | Not Provided | 2026-03-27 | 2026-03-31 | |
| CVE-2025-11713 json | Not Provided | 2025-10-14 | 2026-04-13 | |
| CVE-2025-8030 json | Not Provided | 2025-07-22 | 2026-04-13 | |
| CVE-2012-0036 json | curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, w... | 7.5 - HIGH | 2012-04-13 | 2018-01-10 |
| CVE-2010-3842 json | Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allo... | 5.8 - MEDIUM | 2010-10-28 | 2010-10-28 |
| CVE-2010-0734 json | content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback ... | 6.8 - MEDIUM | 2010-03-19 | 2018-10-10 |
| CVE-2009-2417 json | lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a dom... | 7.5 - HIGH | 2009-08-14 | 2018-10-10 |
| CVE-2009-0037 json | The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrar... | 6.8 - MEDIUM | 2009-03-05 | 2018-10-11 |
| CVE-2005-3185 json | Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.... | Not Provided | 2005-10-13 | 2025-04-03 |