curl / Docs / Vulnerability table / 7.75.0 vulnerabilities

Vulnerabilities in curl 7.75.0

curl version 7.75.0 was released on February 3 2021. The following 5 security problems are known to exist in this version.

FlawFrom versionTo and includingCVECWE
TLS session caching disaster7. Use After Free
TELNET stack contents disclosure7.77.76.1CVE-2021-22898CWE-457: Use of Uninitialized Variable
schannel cipher selection surprise7. Exposure of Data Element to Wrong Session
TLS 1.3 session ticket proxy host mixup7. Authentication Bypass by Spoofing
Automatic referer leaks credentials7. Exposure of Private Personal Information to an Unauthorized Actor

Changelog for curl 7.75.0

See vulnerability summary for the previous release: 7.74.0 or the subsequent release: 7.76.0