curl / Docs / Vulnerability table / 7.52.1 vulnerabilities

Vulnerabilities in curl 7.52.1

curl version 7.52.1 was released on December 23 2016. The following 11 security problems are known to exist in this version.

FlawFrom versionTo and includingCVE
HTTP authentication leak in redirects6.07.57.0CVE-2018-1000007
HTTP/2 trailer out-of-bounds read7.
FTP wildcard out of bounds read7.
NTLM buffer overflow via integer overflow7.
IMAP FETCH response out of bounds read7.
FTP PWD response parser out of bounds read7.77.55.1CVE-2017-1000254
URL globbing out of bounds read7.
TFTP sends more than buffer size7.
TLS session resumption client cert bypass (again)
--write-out out of buffer read6.57.53.1CVE-2017-7407

Changelog for curl 7.52.1

See vulnerability summary for the previous release: 7.52.0 or the subsequent release: 7.53.0