CVE-2019-5482
published 2019-09-16CVE-2019-5482: Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | curl | < curl 7.66.0-1 (bookworm) | curl 7.66.0-1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| haxx | curl | — | — |
| haxx | curl | >= 0 < 7.66.0-1 | 7.66.0-1 |
| haxx | curl | >= 0 < 7.66.0-1 | 7.66.0-1 |
| haxx | curl | >= 0 < 7.66.0-1 | 7.66.0-1 |
| haxx | curl | >= 0 < 7.66.0-1 | 7.66.0-1 |
| haxx | curl | >= 0 < 7.47.0-1ubuntu2.14 | 7.47.0-1ubuntu2.14 |
| haxx | curl | >= 0 < 7.58.0-2ubuntu3.8 | 7.58.0-2ubuntu3.8 |
| haxx | curl | 7.19.4 – 7.65.3 | — |
| netapp | oncommand_unified_manager | >= 7.3 | — |
| netapp | oncommand_unified_manager | >= 9.5 | — |
| opensuse | leap | — | — |
| opensuse | leap | — | — |
| oracle | communications_operations_monitor | — | — |
| oracle | communications_operations_monitor | — | — |
| oracle | communications_operations_monitor | — | — |
| oracle | communications_operations_monitor | — | — |
| oracle | communications_operations_monitor | — | — |
| oracle | communications_session_border_controller | — | — |
| oracle | communications_session_border_controller | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL