[TheRedHatter/javagoof:Dockerfile]:Out-of-bounds Read
Created by: armorcodegithubqa[bot]
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: null
- Current Version: null
- Vulnerable Version(s): ><7.52.1-5+deb9u3
- Vulnerable Path: >>
NVD Description
Note:
Versions mentioned in the description apply to the upstream curl
package.
See How to fix?
for Debian:9
relevant versions.
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
References
- CONFIRM
- CONFIRM
- CVE Details
- Debian Security Advisory
- Debian Security Announcement
- Debian Security Tracker
- Gentoo Security Advisory
- RHSA Security Advisory
- Security Focus
- Security Tracker
- Ubuntu CVE Tracker
Mitigation: ## Remediation
Upgrade Debian:9
curl
to version 7.52.1-5+deb9u3 or higher.