Splunk Universal Forwarder — known CVE vulnerabilities
Every CVE whose affected-product data names Splunk Universal Forwarder, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (61)
CVE-2022-32221 — CVSS 9.8 (critical): When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when…
CVE-2021-3520 — CVSS 9.8 (critical): There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow…
CVE-2022-36227 — CVSS 9.8 (critical): In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if…
CVE-2022-32207 — CVSS 9.8 (critical): When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a…
CVE-2023-23914 — CVSS 9.1 (critical): A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when…
CVE-2021-22945 — CVSS 9.1 (critical): When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already…
CVE-2023-27534 — CVSS 8.8 (high): A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as…
CVE-2023-27533 — CVSS 8.8 (high): A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on…
CVE-2021-30560 — CVSS 8.8 (high): Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2022-27778 — CVSS 8.1 (high): A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with…
CVE-2022-22576 — CVSS 8.1 (high): An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated…
CVE-2022-42915 — CVSS 8.1 (high): curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection…
CVE-2021-22901 — CVSS 8.1 (high): curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session…
CVE-2022-32156 — CVSS 8.1 (high): In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates…
CVE-2025-20298 — CVSS 8.0 (high): In Universal Forwarder for Windows versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9, a new installation of or an upgrade to an affected…
CVE-2021-31566 — CVSS 7.8 (high): An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of…
CVE-2020-8177 — CVSS 7.8 (high): curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a…
CVE-2019-20454 — CVSS 7.5 (high): An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects…
CVE-2019-20838 — CVSS 7.5 (high): libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier…
CVE-2020-8169 — CVSS 7.5 (high): curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over…
CVE-2020-8231 — CVSS 7.5 (high): Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.
CVE-2020-8285 — CVSS 7.5 (high): curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
CVE-2020-8286 — CVSS 7.5 (high): curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP…
CVE-2021-22926 — CVSS 7.5 (high): libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT`…
CVE-2021-22946 — CVSS 7.5 (high): A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server…
CVE-2022-27775 — CVSS 7.5 (high): An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the…
CVE-2022-27780 — CVSS 7.5 (high): The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a…
CVE-2022-27781 — CVSS 7.5 (high): libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate…
CVE-2022-27782 — CVSS 7.5 (high): libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited…
CVE-2022-35737 — CVSS 7.5 (high): SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to…
CVE-2022-42916 — CVSS 7.5 (high): In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed…
CVE-2022-43551 — CVSS 7.5 (high): A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can…
CVE-2023-23915 — CVSS 6.5 (medium): A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave…
CVE-2023-23916 — CVSS 6.5 (medium): An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression…
CVE-2021-22922 — CVSS 6.5 (medium): When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML…
CVE-2021-36976 — CVSS 6.5 (medium): libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
CVE-2022-35260 — CVSS 6.5 (medium): curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no…
CVE-2022-27776 — CVSS 6.5 (medium): A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP…
CVE-2022-32206 — CVSS 6.5 (medium): curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and…
CVE-2023-27536 — CVSS 5.9 (medium): An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established…
CVE-2022-43552 — CVSS 5.9 (medium): A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP…
CVE-2021-22947 — CVSS 5.9 (medium): When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server…
CVE-2023-27535 — CVSS 5.9 (medium): An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials…
CVE-2022-32208 — CVSS 5.9 (medium): When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a…
CVE-2023-27537 — CVSS 5.9 (medium): A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without…
CVE-2022-27774 — CVSS 5.7 (medium): An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an…
CVE-2022-37439 — CVSS 5.5 (medium): In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file…
CVE-2023-27538 — CVSS 5.5 (medium): An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite…
CVE-2022-27779 — CVSS 5.3 (medium): libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to…
CVE-2021-22923 — CVSS 5.3 (medium): When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file…
CVE-2021-22897 — CVSS 5.3 (medium): curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST…
CVE-2021-22876 — CVSS 5.3 (medium): curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking…
CVE-2021-22925 — CVSS 5.3 (medium): curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send…
CVE-2022-30115 — CVSS 4.3 (medium): Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is…
CVE-2022-32205 — CVSS 4.3 (medium): A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A…
CVE-2022-35252 — CVSS 3.7 (low): When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back…
CVE-2021-22890 — CVSS 3.7 (low): curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of…
CVE-2020-8284 — CVSS 3.7 (low): A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and…
CVE-2021-22924 — CVSS 3.7 (low): libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to…
CVE-2021-22898 — CVSS 3.1 (low): curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in…