AVG-654 log
Package | lib32-curl |
Status | Fixed |
Severity | Medium |
Type | multiple issues |
Affected | 7.58.0-2 |
Fixed | 7.59.0-1 |
Current | 8.11.0-1 [multilib] |
Ticket | None |
Created | Fri Mar 16 20:41:33 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-1000122 | Medium | Yes | Information disclosure | A buffer over-read exists in curl >= 7.20.0 and < 7.59.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information... |
CVE-2018-1000121 | Medium | Yes | Denial of service | A NULL pointer dereference exists in the LDAP code of curl >= 7.21.0 and < curl 7.59.0, allowing an attacker to cause a denial of service. libcurl-using... |
CVE-2018-1000120 | Medium | Yes | Denial of service | It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP... |
Date | Advisory | Package | Type |
---|---|---|---|
19 Mar 2018 | ASA-201803-16 | lib32-curl | multiple issues |