AVG-1982 log

Package curl
Status Fixed
Severity Medium
Type multiple issues
Affected 7.65.3-1
Fixed 7.66.0-1
Current 8.7.1-5 [core]
Ticket None
Created Sat May 22 09:41:02 2021
Issue Severity Remote Type Description
CVE-2019-5482 Medium Yes Arbitrary code execution
libcurl contains a heap buffer overflow in the function (tftp_receive_packet()) that receives data from a TFTP server. It can call recvfrom() with the...
CVE-2019-5481 Low Yes Denial of service
libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPT_KRBLEVEL option. During such kerberos FTP data transfer, the server sends...