cve/2024/CVE-2024-7264.md

### [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264)
![](https://img.shields.io/static/v1?label=Product&message=curl&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=7.32.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.33.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.34.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.35.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.36.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.37.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.37.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.38.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.39.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.40.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.41.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.42.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.42.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.43.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.44.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.45.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.46.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.47.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.47.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.48.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.49.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.49.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.50.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.50.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.50.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.50.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.51.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.52.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.52.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.53.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.53.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.54.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.54.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.55.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.55.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.56.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.56.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.57.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.58.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.59.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.60.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.61.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.61.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.62.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.63.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.64.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.64.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.65.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.65.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.65.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.65.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.66.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.67.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.68.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.69.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.69.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.70.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.71.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.71.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.72.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.73.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.74.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.75.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.76.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.76.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.77.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.78.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.79.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.79.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.80.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.81.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.82.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.83.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.83.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.84.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.85.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.86.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.87.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.88.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.88.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.0.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.1.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.1.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.1.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.2.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.2.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.3.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.4.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.5.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.6.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.7.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.7.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.8.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.9.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%20Out-of-bounds%20Read&color=brightgreen)

### Description

libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing anASN.1 Generalized Time field. If given an syntactically incorrect field, theparser might end up using -1 for the length of the *time fraction*, leading toa `strlen()` getting performed on a pointer to a heap buffer area that is not(purposely) null terminated.This flaw most likely leads to a crash, but can also lead to heap contentsgetting returned to the application when[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Nucl3arAt0m/Elevate-Labs-Task-3
- https://github.com/SruthinagaK/linux-manual-vulnerabitltiy-labscan-June2025
- https://github.com/fkie-cad/nvd-json-data-feeds
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00			`### [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264)`
			`![](https://img.shields.io/static/v1?label=Product&message=curl&color=blue)`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`![](https://img.shields.io/static/v1?label=Version&message=7.32.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.33.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.34.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.35.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.36.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.37.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.37.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.38.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.39.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.40.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.41.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.42.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.42.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.43.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.44.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.45.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.46.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.47.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.47.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.48.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.49.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.49.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.50.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.50.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.50.2%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.50.3%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.51.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.52.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.52.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.53.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.53.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.54.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.54.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.55.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.55.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.56.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.56.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.57.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.58.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.59.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.60.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.61.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.61.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.62.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.63.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.64.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.64.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.65.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.65.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.65.2%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.65.3%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.66.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.67.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.68.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.69.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.69.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.70.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.71.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.71.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.72.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.73.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.74.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.75.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.76.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.76.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.77.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.78.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.79.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.79.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.80.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.81.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.82.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.83.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.83.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.84.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.85.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.86.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.87.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.88.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.88.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.0.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.0.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.1.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.1.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.1.2%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.2.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.2.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.3.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.4.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.5.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.6.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.7.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.7.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.8.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.9.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%20Out-of-bounds%20Read&color=brightgreen)`
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00
			`### Description`

			libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing anASN.1 Generalized Time field. If given an syntactically incorrect field, theparser might end up using -1 for the length of the time fraction, leading toa `strlen()` getting performed on a pointer to a heap buffer area that is not(purposely) null terminated.This flaw most likely leads to a crash, but can also lead to heap contentsgetting returned to the application when[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/Nucl3arAt0m/Elevate-Labs-Task-3`
			`- https://github.com/SruthinagaK/linux-manual-vulnerabitltiy-labscan-June2025`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`- https://github.com/fkie-cad/nvd-json-data-feeds`
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00