Docs Overview
Project
Bug Bounty Bug Report Code of conduct Dependencies Donate FAQ Features Governance History Install Known Bugs TODO Web Site Info
Protocols
HTTP cookies HTTP/2 HTTP/3 MQTT SSL certs CA Extract SSL libs compared URL syntax
Releases
Changelog Release Table Security Problems Version Nums Vulnerabilities
Tool
Comparison Table curl man page HTTP Scripting mk-ca-bundle Tutorial
Who and Why
Companies Copyright Sponsors Thanks The name
curl / Docs / Vulnerability table / 7.16.1 vulnerabilities

Vulnerabilities in curl 7.16.1

Related:
Bug Bounty
Changelog
Donate
FAQ
Security Problems
Security Process
Vulnerabilities Table

curl version 7.16.1 was released on January 29 2007. The following 39 security problems are known to exist in this version.

FlawFrom versionTo and includingCVECWE
trusting FTP PASV responses4.07.73.0CVE-2020-8284CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
warning message out-of-buffer read7.14.17.61.1CVE-2018-16842CWE-125: Out-of-bounds Read
NTLM password overflow via integer overflow7.15.47.61.0CVE-2018-14618CWE-131: Incorrect Calculation of Buffer Size
FTP path trickery leads to NIL byte out of bounds write7.12.37.58.0CVE-2018-1000120CWE-122: Heap-based Buffer Overflow
HTTP authentication leak in redirects6.07.57.0CVE-2018-1000007CWE-522: Insufficiently Protected Credentials
FTP PWD response parser out of bounds read7.77.55.1CVE-2017-1000254CWE-126: Buffer Over-read
TFTP sends more than buffer size7.15.07.54.1CVE-2017-1000100CWE-126: Buffer Over-read
--write-out out of buffer read6.57.53.1CVE-2017-7407CWE-126: Buffer Over-read
printf floating point buffer overflow7.17.51.0CVE-2016-9586CWE-121: Stack-based Buffer Overflow
cookie injection for other servers7.17.50.3CVE-2016-8615CWE-187: Partial Comparison
case insensitive password comparison7.77.50.3CVE-2016-8616CWE-178: Improper Handling of Case Sensitivity
OOB write via unchecked multiplication7.17.50.3CVE-2016-8617CWE-131: Incorrect Calculation of Buffer Size
double-free in curl_maprintf7.17.50.3CVE-2016-8618CWE-415: Double Free
double-free in krb5 code7.37.50.3CVE-2016-8619CWE-415: Double Free
curl_getdate read out of bounds7.12.27.50.3CVE-2016-8621CWE-126: Buffer Over-read
Use-after-free via shared cookies7.10.77.50.3CVE-2016-8623CWE-416: Use After Free
invalid URL parsing with '#'7.17.50.3CVE-2016-8624CWE-172: Encoding Error
IDNA 2003 makes curl use wrong host7.12.07.50.3CVE-2016-8625CWE-838: Inappropriate Encoding for Output Context
curl escape and unescape integer overflows7.11.17.50.2CVE-2016-7167CWE-131: Incorrect Calculation of Buffer Size
TLS session resumption client cert bypass7.17.50.0CVE-2016-5419CWE-305: Authentication Bypass by Primary Weakness
Re-using connections with wrong client cert7.17.50.0CVE-2016-5420CWE-305: Authentication Bypass by Primary Weakness
Windows DLL hijacking7.11.17.49.0CVE-2016-4802CWE-94: Improper Control of Generation of Code ('Code Injection')
NTLM credentials not-checked for proxy connection re-use7.10.77.46.0CVE-2016-0755CWE-305: Authentication Bypass by Primary Weakness
sensitive HTTP server headers also sent to proxies7.17.42.0CVE-2015-3153CWE-201: Information Exposure Through Sent Data
Negotiate not treated as connection-oriented7.10.67.41.0CVE-2015-3148CWE-305: Authentication Bypass by Primary Weakness
Re-using authenticated connection when unauthenticated7.10.67.41.0CVE-2015-3143CWE-305: Authentication Bypass by Primary Weakness
URL request injection6.07.39.0CVE-2014-8150CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
cookie leak with IP address as domain7.17.37.1CVE-2014-3613CWE-201: Information Exposure Through Sent Data
IP address wildcard certificate validation7.17.35.0CVE-2014-0139CWE-297: Improper Validation of Certificate with Host Mismatch
wrong re-use of connections7.10.77.35.0CVE-2014-0138CWE-305: Authentication Bypass by Primary Weakness
re-use of wrong HTTP NTLM connection7.10.67.34.0CVE-2014-0015CWE-305: Authentication Bypass by Primary Weakness
URL decode buffer boundary flaw7.77.30.0CVE-2013-2174CWE-126: Buffer Over-read
cookie domain tailmatch6.07.29.0CVE-2013-1944CWE-201: Information Exposure Through Sent Data
SSL CBC IV vulnerability7.10.67.23.1CVE-2011-3389CWE-924: Improper Enforcement of Message Integrity
inappropriate GSSAPI delegation7.10.67.21.6CVE-2011-2192CWE-281: Improper Preservation of Permissions
data callback excessive length7.10.57.19.7CVE-2010-0734CWE-628: Function Call with Incorrectly Specified Arguments
embedded zero in cert name7.47.19.5CVE-2009-2417CWE-170: Improper Null Termination
Arbitrary File Access6.07.19.3CVE-2009-0037CWE-142: Improper Neutralization of Value Delimiters
GnuTLS insufficient cert verification7.14.07.16.3CVE-2007-3564CWE-298: Improper Validation of Certificate Expiration

Changelog for curl 7.16.1

See vulnerability summary for the previous release: 7.16.0 or the subsequent release: 7.16.2