Every CVE whose affected-product data names Curl Libcurl, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2009-2417 — CVSS 7.5 (high): lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in…
CVE-2012-0036 — CVSS 7.5 (high): curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows…
CVE-2009-0037 — CVSS 6.8 (medium): The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location…
CVE-2010-0734 — CVSS 6.8 (medium): content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to…