curl / Docs / Vulnerability table / 7.53.0 vulnerabilities

Vulnerabilities in curl 7.53.0

curl version 7.53.0 was released on February 22 2017. The following 11 security problems are known to exist in this version.

FlawFrom versionTo and includingCVE
HTTP authentication leak in redirects6.07.57.0CVE-2018-1000007
HTTP/2 trailer out-of-bounds read7.
FTP wildcard out of bounds read7.
NTLM buffer overflow via integer overflow7.
IMAP FETCH response out of bounds read7.
FTP PWD response parser out of bounds read7.77.55.1CVE-2017-1000254
URL globbing out of bounds read7.
TFTP sends more than buffer size7.
URL file scheme drive letter buffer overflow7.
TLS session resumption client cert bypass (again)
--write-out out of buffer read6.57.53.1CVE-2017-7407

Changelog for curl 7.53.0

See vulnerability summary for the previous release: 7.52.1 or the subsequent release: 7.53.1