CVE-2019-5436 (retired)

Priority
Description
A heap buffer overflow in the TFTP receiving code allows for DoS or
arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
Assigned-to
mdeslaur
Package
Source: curl (LP Ubuntu Debian)
Upstream:released (7.65.0)
Ubuntu 12.04 ESM (Precise Pangolin):released (7.22.0-3ubuntu4.26)
Ubuntu 14.04 ESM (Trusty Tahr):released (7.35.0-1ubuntu2.20+esm2)
Ubuntu 16.04 LTS (Xenial Xerus):released (7.47.0-1ubuntu2.13)
Ubuntu 18.04 LTS (Bionic Beaver):released (7.58.0-2ubuntu3.7)
Ubuntu 18.10 (Cosmic Cuttlefish):released (7.61.0-1ubuntu2.4)
Ubuntu 19.04 (Disco Dingo):released (7.64.0-2ubuntu1.1)
Ubuntu 19.10 (Eoan):released (7.64.0-3ubuntu2)
More Information

Updated: 2019-05-29 17:14:58 UTC (commit 79ebe9d7a5cce97b7ed1c54439579bd23709186e)