AVG-877 log
Package | libcurl-gnutls |
Status | Fixed |
Severity | High |
Type | arbitrary code execution |
Affected | 7.63.0-2 |
Fixed | 7.64.0-1 |
Current | 8.11.0-3 [core] |
Ticket | None |
Created | Wed Feb 6 19:38:52 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2019-3823 | High | Yes | Arbitrary code execution | libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer... |
CVE-2019-3822 | High | Yes | Arbitrary code execution | libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header... |
CVE-2018-16890 | Medium | Yes | Arbitrary code execution | libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages... |
Date | Advisory | Package | Type |
---|---|---|---|
12 Feb 2019 | ASA-201902-10 | libcurl-gnutls | arbitrary code execution |