libcurl"s implementation of the printf functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion outputs more than 255 bytes. Affected versions: libcurl 7.1 to and including 7.51.0 Fixed In: libcurl 7.52.0