logo
DATABASE RESOURCES PRICING ABOUT US

Amazon Linux AMI : curl (ALAS-2017-806)

Description

libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. This flaw does not exist in the command line tool.


Related