CVE-2019-5435 (retired)

Priority
Description
An integer overflow in curl's URL API results in a buffer overflow in
libcurl 7.62.0 to and including 7.64.1.
Notes
 mdeslaur> 7.62.0+ only
Assigned-to
mdeslaur
Package
Source: curl (LP Ubuntu Debian)
Upstream:released (7.65.0)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (code not present)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (code not present)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (code not present)
Ubuntu 19.04 (Disco Dingo):released (7.64.0-2ubuntu1.1)
Ubuntu 19.10 (Eoan):released (7.64.0-3ubuntu2)
Patches:
Upstream:https://github.com/curl/curl/commit/5fc28510a4664f4
More Information

Updated: 2019-05-29 17:14:58 UTC (commit 79ebe9d7a5cce97b7ed1c54439579bd23709186e)