curl / Docs / Vulnerability table / 7.53.1 vulnerabilities

Vulnerabilities in curl 7.53.1

curl version 7.53.1 was released on February 24 2017. The following 11 security problems are known to exist in this version.

FlawFrom versionTo and includingCVE
HTTP authentication leak in redirects6.07.57.0CVE-2018-1000007
HTTP/2 trailer out-of-bounds read7.49.07.57.0CVE-2018-1000005
FTP wildcard out of bounds read7.21.07.56.1CVE-2017-8817
NTLM buffer overflow via integer overflow7.36.07.56.1CVE-2017-8816
IMAP FETCH response out of bounds read7.20.07.56.0CVE-2017-1000257
FTP PWD response parser out of bounds read7.77.55.1CVE-2017-1000254
URL globbing out of bounds read7.34.07.54.1CVE-2017-1000101
TFTP sends more than buffer size7.15.07.54.1CVE-2017-1000100
URL file scheme drive letter buffer overflow7.53.07.54.0CVE-2017-9502
TLS session resumption client cert bypass (again)7.52.07.53.1CVE-2017-7468
--write-out out of buffer read6.57.53.1CVE-2017-7407

Changelog for curl 7.53.1

See vulnerability summary for the previous release: 7.53.0 or the subsequent release: 7.54.0