GitLab

Created by: armorcodegithubqa[bot]

Component Details

• Exploit Maturity: no-known-exploit
• Vulnerable Package: null
• Current Version: null
• Vulnerable Version(s): ><7.52.1-5+deb9u10
• Vulnerable Path: >>

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See How to fix? for Debian:9 relevant versions.

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

References

• ADVISORY
• BUGTRAQ
• CONFIRM
• CONFIRM
• DEBIAN
• Debian Security Tracker
• FEDORA
• Fedora Security Update
• Fedora Security Update
• GENTOO
• MISC
• MISC
• N/A
• OpenSuse Security Announcement
• OpenSuse Security Announcement
• Ubuntu CVE Tracker

Mitigation: ## Remediation Upgrade Debian:9 curl to version 7.52.1-5+deb9u10 or higher.

https://qa.armorcode.ai/#/findings/5688610