AVG-655 log
| Package | libcurl-compat |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 7.58.0-2 |
| Fixed | 7.59.0-1 |
| Current | 8.16.0-1 [core] |
| Ticket | None |
| Created | Fri Mar 16 20:44:03 2018 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2018-1000122 | Medium | Yes | Information disclosure | A buffer over-read exists in curl >= 7.20.0 and < 7.59.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information... |
| CVE-2018-1000121 | Medium | Yes | Denial of service | A NULL pointer dereference exists in the LDAP code of curl >= 7.21.0 and < curl 7.59.0, allowing an attacker to cause a denial of service. libcurl-using... |
| CVE-2018-1000120 | Medium | Yes | Denial of service | It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 19 Mar 2018 | ASA-201803-17 | libcurl-compat | multiple issues |