curl / Docs / Vulnerability table / 7.83.1 vulnerabilities

Vulnerabilities in curl 7.83.1

curl version 7.83.1 was released on May 11 2022. The following 5 security problems are known to exist in this version.

FlawFrom versionTo and includingCVECWE
control code in cookie denial of service4.97.84.0CVE-2022-35252CWE-1286: Improper Validation of Syntactic Correctness of Input
FTP-KRB bad message verification7.16.47.83.1CVE-2022-32208CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel
Unpreserved file permissions7.69.07.83.1CVE-2022-32207CWE-281: Improper Preservation of Permissions
HTTP compression denial of service7.57.07.83.1CVE-2022-32206CWE-770: Allocation of Resources Without Limits or Throttling
Set-Cookie denial of service7.71.07.83.1CVE-2022-32205CWE-770: Allocation of Resources Without Limits or Throttling

Changelog for curl 7.83.1

See vulnerability summary for the previous release: 7.83.0 or the subsequent release: 7.84.0