AVG-1982 log
| Package | curl |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 7.65.3-1 |
| Fixed | 7.66.0-1 |
| Current | 8.17.0-1 [core] |
| Ticket | None |
| Created | Sat May 22 09:41:02 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-5482 | Medium | Yes | Arbitrary code execution | libcurl contains a heap buffer overflow in the function (tftp_receive_packet()) that receives data from a TFTP server. It can call recvfrom() with the... |
| CVE-2019-5481 | Low | Yes | Denial of service | libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPT_KRBLEVEL option. During such kerberos FTP data transfer, the server sends... |