Vulnerability
curl/libcurl: SMB send off unrelated memory contents
libcurl can be tricked by a malicious SMB server into sending data it never intended to send. In libcurl's state-machine function for the SMB protocol (`smb_request_state()`), two values, a length and an offset, are extracted from data that arrived over the network and are then used to decide which range of memory to send back. Both values are used without any bounds checking and are simply assumed to be valid. A carefully handcrafted packet can therefore make libcurl respond with data that was never meant to leave the process (unrelated memory contents), or crash libcurl if the values make it access invalid memory.
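The following is an added illustration of that bug class, not libcurl's own code: the wire layout, the buffer sizes, the helper names (`reply_unchecked`, `reply_checked`, `build_arena`) and the sample bytes are all constructed for this example. It shows the vulnerable pattern (trust a server-supplied offset and length outright) beside the hardened pattern (require the requested range to lie within the bytes actually received), and uses an oversized arena so that the over-read stays well defined for demonstration purposes.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed wire layout for this example (NOT libcurl's real SMB header):
 *   bytes 0-1: little-endian data length
 *   bytes 2-3: little-endian data offset, relative to the start of the message
 *   bytes 4- : payload
 */
#define HDR_LEN    4
#define MSG_GOT    12   /* bytes actually received for the sample message */
#define ARENA_SIZE 64   /* receive buffer plus whatever sits after it in memory */

static uint16_t read16_le(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

/* Lay out a message followed by unrelated bytes, modelling neighbouring
 * memory that a server-controlled range could reach. All bytes constructed. */
static void build_arena(uint8_t *arena, uint16_t wire_len, uint16_t wire_off)
{
    memset(arena, 0, ARENA_SIZE);
    arena[0] = (uint8_t)(wire_len & 0xff);
    arena[1] = (uint8_t)(wire_len >> 8);
    arena[2] = (uint8_t)(wire_off & 0xff);
    arena[3] = (uint8_t)(wire_off >> 8);
    memcpy(arena + HDR_LEN, "ABCDEFGH", 8);             /* the message's own payload */
    memcpy(arena + MSG_GOT, "UNRELATED-HEAP-DATA", 19); /* past the received message */
}

/* Vulnerable pattern: length and offset from the wire are trusted outright.
 * `got` (bytes actually received) is never consulted, so a hostile server can
 * point the range past the message. Here the over-read stays inside `arena`
 * so the demo is well defined; in real code it reads arbitrary memory or crashes. */
static size_t reply_unchecked(const uint8_t *arena, size_t got,
                              uint8_t *out, size_t outcap)
{
    uint16_t len = read16_le(arena);
    uint16_t off = read16_le(arena + 2);
    (void)got;
    (void)outcap;
    memcpy(out, arena + off, len);
    return len;
}

/* Hardened pattern: the requested range must lie entirely within the bytes
 * received and within the output buffer. `len > got - off` is written so it
 * cannot overflow, unlike `off + len > got` with narrow integer types. */
static bool reply_checked(const uint8_t *msg, size_t got,
                          uint8_t *out, size_t outcap, size_t *sent)
{
    if (got < HDR_LEN)
        return false;                         /* not even a full header */
    size_t len = read16_le(msg);
    size_t off = read16_le(msg + 2);
    if (off > got || len > got - off || len > outcap)
        return false;                         /* range escapes the message */
    memcpy(out, msg + off, len);
    *sent = len;
    return true;
}

/* Malicious header: "send 32 bytes starting at offset 4" against a 12-byte message. */
static bool unchecked_reply_leaks_unrelated_data(void)
{
    uint8_t arena[ARENA_SIZE], out[ARENA_SIZE];
    build_arena(arena, 32, 4);
    size_t n = reply_unchecked(arena, MSG_GOT, out, sizeof out);
    /* 8 payload bytes, then 19 bytes that were never part of the message */
    return n == 32 && memcmp(out + 8, "UNRELATED-HEAP-DATA", 19) == 0;
}

static bool checked_reply_rejects_malicious(void)
{
    uint8_t arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t n = 0;
    build_arena(arena, 32, 4);
    return !reply_checked(arena, MSG_GOT, out, sizeof out, &n);
}

/* Benign header: "send 4 bytes starting at offset 4" yields "ABCD". */
static bool checked_reply_accepts_benign(void)
{
    uint8_t arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t n = 0;
    build_arena(arena, 4, 4);
    return reply_checked(arena, MSG_GOT, out, sizeof out, &n)
        && n == 4 && memcmp(out, "ABCD", 4) == 0;
}

int main(void)
{
    printf("unchecked reply leaks unrelated bytes: %s\n",
           unchecked_reply_leaks_unrelated_data() ? "yes" : "no");
    printf("checked reply rejects malicious range: %s\n",
           checked_reply_rejects_malicious() ? "yes" : "no");
    printf("checked reply accepts benign range:    %s\n",
           checked_reply_accepts_benign() ? "yes" : "no");
    return 0;
}
```

The point a reviewer would look for in a fix is the shape of the check in `reply_checked`: compare against the number of bytes actually received, not against the size of the allocation, and phrase the comparison so that a large offset or length cannot wrap around before it is compared.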
No CVSS base score from NVD or GHSA is recorded for this entry yet. NVD typically scores within 24–72 hours of publication; GHSA usually within a day for OSS-flagged CVEs.
For an interim severity, fall back on KEV / exploit signals and the EPSS percentile shown below; the score is filled in automatically once the source publishes it.
Mid-pack — moderate exploitation likelihood.
No VEX statements published for CVE-2015-3237. Vendors publish VEX (Vulnerability Exploitability eXchange) to assert per-product whether a CVE is actually exploitable in their distribution.
No exploitation, limited impact or prevalence