[3.9] curl: Multiple vulnerabilities (CVE-2019-5435, CVE-2019-5436)ID: oval:org.secpod.oval:def:1801444 | Date: (C)2019-06-07 (M)2023-11-10 |
Class: PATCH | Family: unix |
CVE-2019-5435: Integer overflows in curl_url_set¶ libcurl contains two integer overflows in the curl_url_set function that if triggered, can lead to a too small buffer allocation and a subsequent heap buffer overflow. Affected versions: libcurl 7.62.0 to and including 7.64.1 Not affected versions: libcurl = libcurl 7.65.0
Platform: |
Alpine Linux 3.9 |