{"id":"CURL-CVE-2018-16840","summary":"use after free in handle close","details":"libcurl contains a heap use after free flaw in code related to closing an easy\nhandle.\n\nWhen closing and cleaning up an \"easy\" handle in the `Curl_close()` function,\nthe library code first frees a struct (without clearing the pointer) and might\nthen subsequently erroneously write to a struct field within that already\nfreed struct.","aliases":["CVE-2018-16840"],"modified":"2026-04-25T20:38:45.356510Z","published":"2018-10-31T08:00:00Z","database_specific":{"award":{"amount":"100","currency":"USD"},"URL":"https://curl.se/docs/CVE-2018-16840.json","package":"curl","severity":"Low","last_affected":"7.61.1","affects":"both","CWE":{"desc":"Use After Free","id":"CWE-416"},"www":"https://curl.se/docs/CVE-2018-16840.html"},"affected":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"7.59.0"},{"fixed":"7.62.0"}]},{"type":"GIT","repo":"https://github.com/curl/curl.git","events":[{"introduced":"b46cfbc068ebe90f18e9777b9e877e4934c1b5e3"},{"fixed":"81d135d67155c5295b1033679c606165d4e28f3f"}]}],"versions":["7.61.1","7.61.0","7.60.0","7.59.0"],"database_specific":{"vanir_signatures_modified":"2026-04-25T20:38:45Z","vanir_signatures":[{"signature_type":"Line","target":{"file":"lib/url.c"},"digest":{"line_hashes":["76450436232552618053190577593466383274","56283251733270634435040735386618773715","225146506795074944162099681821124504277","72162716836877692358628916813877661635","28202728034268574745574819732142521908"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/81d135d67155c5295b1033679c606165d4e28f3f","id":"CURL-CVE-2018-16840-a87c499d","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","target":{"file":"lib/url.c","function":"Curl_close"},"digest":{"function_hash":"253867143457341161698845574111827314122","length":1388},"source":"https://github.com/curl/curl.git/commit/81d135d67155c5295b1033679c606165d4e28f3f","id":"CURL-CVE-2018-16840-ba2aaffc","deprecated":false,"signature_version":"v1"}],"source":"https://curl.se/docs/CURL-CVE-2018-16840.json"}}],"schema_version":"1.7.5","credits":[{"name":"Brian Carpenter (Geeknik Labs)","type":"FINDER"},{"name":"Daniel Stenberg","type":"REMEDIATION_DEVELOPER"}]}