---

CVE-2019-5435 - log back

CVE-2019-5435 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ libcurl before 7.65.0 contains two integer overflows in the curl_url_set() function that if triggered, can lead to a too small buffer allocation and a subsequent heap buffer overflow. The flaws only exist on 32 bit architectures and require excessive string input lengths.
References	+ https://curl.haxx.se/docs/CVE-2019-5435.html + https://github.com/curl/curl/commit/5fc28510a4664f4
Notes