Trail of Bits

cURL

Type: Security review
Client:
Date: 2022-10
Domain: AppSec
Effort: 9.5 wks
Section: Technology Product Reviews

Trail of Bits's security review of cURL (Oct 2022) identified 14 issues: 2 high, 5 low, 5 informational, and 2 undetermined.

Findings · 14

  1. Bad recommendation in libcurl cookie documentation (Informational)
  2. libcurl URI parser accepts invalid characters (Undetermined)
  3. libcurl Alt-Svc parser accepts invalid port numbers (Undetermined)
  4. Non-constant-time comparison of secrets (Low)
  5. Tab injection in cookie file (Informational)
  6. Standard output/input/error may not be opened (Informational)
  7. Double free when using HTTP proxy with specific protocols (High)
  8. Some flags override previous instances of themselves (Informational)
  9. Cookies are not stripped after redirect (Low)
  10. Use after free while using parallel option and sequences (High)
  11. Unused memory blocks are not freed, resulting in memory leaks (Low)
  12. Referer header is generated in an insecure manner (Low)
  13. Redirect to localhost and local network is possible (server-side request forgery-like) (Informational)
  14. URL parsing from redirect is incorrect when no path separator is provided (Low)
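Finding 4 names a non-constant-time comparison of secrets. As an added illustration of that bug class and its usual fix (example code written for this page, not curl's code and not taken from the report), the C below places a hypothetical early-exit string comparison next to a constant-time one. The `examined` counters and the secret/guess strings are constructed for the example so the leak is visible without a timer: the early-exit version stops at the first differing byte, so the number of bytes it inspects, and hence its running time, reveals how long the correct prefix of a guess is.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical early-exit comparison of the kind finding 4 describes.
   It returns as soon as a byte differs, so its running time depends on
   how many leading bytes of 'guess' match 'secret'. '*examined' counts
   the bytes inspected, standing in for a timing measurement. */
static int leaky_secret_equal(const char *secret, const char *guess, size_t *examined)
{
    size_t i = 0;
    *examined = 0;
    while (secret[i] != '\0' && guess[i] != '\0') {
        (*examined)++;
        if (secret[i] != guess[i])
            return 0;                /* early exit leaks the mismatch position */
        i++;
    }
    (*examined)++;                   /* the terminator check */
    return secret[i] == guess[i];
}

/* Constant-time comparison: XOR every byte pair, OR the results into one
   accumulator, and only inspect it after the loop. The byte count inspected
   depends on the lengths (assumed public here) but never on which bytes
   differ. Differing lengths are folded into the accumulator up front. */
static int ct_bytes_equal(const uint8_t *a, size_t alen,
                          const uint8_t *b, size_t blen, size_t *examined)
{
    uint8_t diff = (uint8_t)(alen != blen);     /* 1 if lengths differ */
    size_t n = alen < blen ? alen : blen;       /* walk the common prefix */
    *examined = 0;
    for (size_t i = 0; i < n; i++) {
        diff |= (uint8_t)(a[i] ^ b[i]);
        (*examined)++;
    }
    /* Map diff==0 to 1 and any non-zero diff to 0 without branching on it:
       (diff - 1) underflows to all-ones only when diff is 0. */
    return (int)(1U & (((uint32_t)diff - 1U) >> 8));
}

/* Convenience wrapper for NUL-terminated strings. */
static int ct_str_equal(const char *a, const char *b)
{
    size_t examined;
    return ct_bytes_equal((const uint8_t *)a, strlen(a),
                          (const uint8_t *)b, strlen(b), &examined);
}

int main(void)
{
    /* Constructed sample values, not real credentials. */
    const char *secret = "s3cr3t-token";
    const char *guesses[] = { "x3cr3t-token", "s3cr3t-tokeX", "s3cr3t-token" };
    size_t leaky_n, ct_n;

    for (size_t g = 0; g < 3; g++) {
        int leaky = leaky_secret_equal(secret, guesses[g], &leaky_n);
        int ct = ct_bytes_equal((const uint8_t *)secret, strlen(secret),
                                (const uint8_t *)guesses[g], strlen(guesses[g]), &ct_n);
        printf("guess %-14s early-exit: %d after %2zu bytes | constant-time: %d after %2zu bytes\n",
               guesses[g], leaky, leaky_n, ct, ct_n);
    }
    return 0;
}
```

Running the block shows the early-exit compare inspecting 1 byte for a guess that is wrong in its first byte and 12 bytes for one that is wrong only in its last, while the constant-time compare inspects all 12 bytes in every case. In real code prefer a vetted primitive where one is available (for example OpenSSL's `CRYPTO_memcmp`), and treat the secret's length as public, since the loop bound here still depends on it.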

Findings extracted from the published report PDF. See the full report below for details and remediation.

Related