CVE-2018-16842

Source
Severity Medium
Remote Yes
Type Information disclosure
Description
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
This display function formats the output to wrap at 80 columns. The wrap logic is however flawed, so if a single word in the message is itself longer than 80 bytes the buffer arithmetic calculates the remainder wrong and will end up reading behind the end of the buffer.
Group Package Affected Fixed Severity Status Ticket
AVG-795 curl 7.61.1-3 7.62.0-1 High Fixed
Date Advisory Group Package Severity Description
06 Nov 2018 ASA-201811-4 AVG-795 curl High multiple issues
References
https://curl.haxx.se/docs/CVE-2018-16842.html
https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211