AVG-654 log

Package lib32-curl
Status Fixed
Severity Medium
Type multiple issues
Affected 7.58.0-2
Fixed 7.59.0-1
Current 8.8.0-1 [multilib]
Ticket None
Created Fri Mar 16 20:41:33 2018
Issue Severity Remote Type Description
CVE-2018-1000122 Medium Yes Information disclosure
A buffer over-read exists in curl >= 7.20.0 and < 7.59.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information...
CVE-2018-1000121 Medium Yes Denial of service
A NULL pointer dereference exists in the LDAP code of curl >= 7.21.0 and < curl 7.59.0, allowing an attacker to cause a denial of service. libcurl-using...
CVE-2018-1000120 Medium Yes Denial of service
It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP...
Date Advisory Package Type
19 Mar 2018 ASA-201803-16 lib32-curl multiple issues