curl / Docs / Vulnerability table / 7.52.1 vulnerabilities

Vulnerabilities in curl 7.52.1

curl version 7.52.1 was released on December 23 2016. The following 11 security problems are known to exist in this version.

FlawFrom versionTo and includingCVE
HTTP authentication leak in redirects6.07.57.0CVE-2018-1000007
HTTP/2 trailer out-of-bounds read7.49.07.57.0CVE-2018-1000005
FTP wildcard out of bounds read7.21.07.56.1CVE-2017-8817
NTLM buffer overflow via integer overflow7.36.07.56.1CVE-2017-8816
IMAP FETCH response out of bounds read7.20.07.56.0CVE-2017-1000257
FTP PWD response parser out of bounds read7.77.55.1CVE-2017-1000254
URL globbing out of bounds read7.34.07.54.1CVE-2017-1000101
TFTP sends more than buffer size7.15.07.54.1CVE-2017-1000100
TLS session resumption client cert bypass (again)7.52.07.53.1CVE-2017-7468
--write-out out of buffer read6.57.53.1CVE-2017-7407
SSL_VERIFYSTATUS ignored7.52.07.52.1CVE-2017-2629

Changelog for curl 7.52.1

See vulnerability summary for the previous release: 7.52.0 or the subsequent release: 7.53.0