[3.9] curl: Multiple vulnerabilities (CVE-2019-5435, CVE-2019-5436)| ID: oval:org.secpod.oval:def:1801444 | Date: (C)2019-06-07 (M)2023-11-10 |
| Class: PATCH | Family: unix |
CVE-2019-5435: Integer overflows in curl_url_set¶ libcurl contains two integer overflows in the curl_url_set function that if triggered, can lead to a too small buffer allocation and a subsequent heap buffer overflow. Affected versions: libcurl 7.62.0 to and including 7.64.1 Not affected versions: libcurl = libcurl 7.65.0
| Platform: |
| Alpine Linux 3.9 |
