ftp_parse_url_path in lib/ftp.c URL-decodes FTP path segments (e.g. %2e%2e) and then splits the decoded path into components using an ad-hoc loop t...
An image hash is publicly exposed on Github Steps to reproduce: See at >> https://github.com/curl/curl/blob/master/Dockerfile Solution: # If you...
Description: The $openssl code in curl 8.17.0.1 allows exploitation. Steps to reproduce: 1) Extract and install curl on Windows. 2) See the code ...
## Summary: curl is vulnerable to silent Man-in-the-Middle (MITM) attacks due to its design, which implicitly trusts the CA certificate path specif...
SMTP CRLF Injection Vulnerability in curl/libcurl ## Vulnerability ID: CURL-SMTP-CRLF-2024 ## CWE-93: Improper Neutralization of CRLF Sequences ##...
## Summary: The Arbitrary Configuration File Inclusion (ACFI) vulnerability was identified in the curl utility via the --config option. This flaw ...
## Summary An attacker can crash or forcefully abort any application that uses libcurl's MQTT support by setting an excessively large value for `CU...
I've provided the detailed description and clear steps previously, but it seems you need the content tailored directly for the submission form's fi...
libcurl's SMTP implementation accepts CR (`\r`) and LF (`\n`) bytes in mailbox address inputs without validation. These control characters are inse...
Hi Hacker ## Impact ## Summary:
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
