curl / Docs / Vulnerability table / 7.74.0 vulnerabilities

Vulnerabilities in curl 7.74.0

curl version 7.74.0 was released on December 9 2020. The following 2 security problems are known to exist in this version.

FlawFrom versionTo and includingCVECWE
TLS 1.3 session ticket proxy host mixup7.63.07.75.0CVE-2021-22890CWE-290: Authentication Bypass by Spoofing
Automatic referer leaks credentials7.1.17.75.0CVE-2021-22876CWE-359: Exposure of Private Personal Information to an Unauthorized Actor

Changelog for curl 7.74.0

See vulnerability summary for the previous release: 7.73.0 or the subsequent release: 7.75.0