curl / Docs / Vulnerability table / 7.67.0 vulnerabilities

Vulnerabilities in curl 7.67.0

curl version 7.67.0 was released on November 6 2019. The following 3 security problems are known to exist in this version.

FlawFrom versionTo and includingCVECWE
wrong connect-only connection7. Expired Pointer Dereference
curl overwrite local file with -J7. Improper Restriction of Names for Files and Other Resources
Partial password leak over DNS on HTTP redirect7. Exposure of Sensitive Information to an Unauthorized Actor

Changelog for curl 7.67.0

See vulnerability summary for the previous release: 7.66.0 or the subsequent release: 7.68.0