curl / Docs / Vulnerability table / 7.8.1 vulnerabilities

Vulnerabilities in curl 7.8.1

curl version 7.8.1 was released on August 20 2001

It has the following 32 published security problems.

Flaw	From version	To and including
more POST-after-PUT confusion	7.7	8.0.1
TELNET option IAC injection	7.7	7.88.1
POST following PUT confusion	7.7	7.85.0
control code in cookie denial of service	4.9	7.84.0
Auth/cookie leak on redirect	4.9	7.82.0
Credential leak on redirect	4.9	7.82.0
TELNET stack contents disclosure again	7.7	7.77.0
TELNET stack contents disclosure	7.7	7.76.1
Automatic referer leaks credentials	7.1.1	7.75.0
trusting FTP PASV responses	4.0	7.73.0
HTTP authentication leak in redirects	6.0	7.57.0
FTP PWD response parser out of bounds read	7.7	7.55.1
--write-out out of buffer read	6.5	7.53.1
printf floating point buffer overflow	5.4	7.51.0
cookie injection for other servers	4.9	7.50.3
case insensitive password comparison	7.7	7.50.3
OOB write via unchecked multiplication	7.8.1	7.50.3
double free in curl_maprintf	5.4	7.50.3
double free in krb5 code	7.3	7.50.3
invalid URL parsing with '#'	6.0	7.50.3
TLS session resumption client cert bypass	5.0	7.50.0
Reusing connections with wrong client cert	7.7	7.50.0
remote filename path traversal in curl tool for Windows	4.0	7.46.0
sensitive HTTP server headers also sent to proxies	4.0	7.42.0
URL request injection	6.0	7.39.0
cookie leak with IP address as domain	4.0	7.37.1
URL decode buffer boundary flaw	7.7	7.30.0
cookie domain tailmatch	4.7	7.29.0
embedded zero in cert name	7.4	7.19.5
Arbitrary File Access	5.11	7.19.3
Authentication Buffer Overflows	7.3	7.13.0
Proxy Authentication Header Information Leakage	4.5	7.10.6

Further details

CVE data for 7.8.1 provided as JSON.