AVG-874 log
| Package | lib32-curl |
| Status | Fixed |
| Severity | High |
| Type | arbitrary code execution |
| Affected | 7.63.0-2 |
| Fixed | 7.64.0-1 |
| Current | 8.11.0-1 [multilib] |
| Ticket | None |
| Created | Wed Feb 6 19:35:15 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-3823 | High | Yes | Arbitrary code execution | libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer... |
| CVE-2019-3822 | High | Yes | Arbitrary code execution | libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header... |
| CVE-2018-16890 | Medium | Yes | Arbitrary code execution | libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 12 Feb 2019 | ASA-201902-13 | lib32-curl | arbitrary code execution |