CVE-2018-1000300
N/A
N/A
Summary
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://curl.haxx.se/docs/adv_2018-82c2.html
- https://security.gentoo.org/glsa/201806-05
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://usn.ubuntu.com/3648-1/
- http://www.securityfocus.com/bid/104207
- http://www.securitytracker.com/id/1040933
References
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://curl.haxx.se/docs/adv_2018-82c2.html
- https://security.gentoo.org/glsa/201806-05
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://usn.ubuntu.com/3648-1/
- http://www.securityfocus.com/bid/104207
- http://www.securitytracker.com/id/1040933
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.