AVG-387 log
Package | libcurl-gnutls |
Status | Fixed |
Severity | Medium |
Type | multiple issues |
Affected | 7.54.1-1 |
Fixed | 7.56.0-1 |
Current | 8.11.1-3 [core] |
Ticket | None |
Created | Tue Aug 22 18:54:15 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-1000254 | Low | Yes | Denial of service | When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the `PWD` command. The... |
CVE-2017-1000100 | Medium | Yes | Information disclosure | An information disclosure issue has been found in curl < 7.55.0. When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file... |
CVE-2017-1000099 | Low | No | Information disclosure | An information disclosure issue has been found in curl < 7.55.0. When asking to get a file from a file:// URL, libcurl provides a feature that outputs... |
Date | Advisory | Package | Type |
---|---|---|---|
05 Oct 2017 | ASA-201710-5 | libcurl-gnutls | multiple issues |