The vulnerability of the tool_cb_wrt component (src/tool_cb_wrt.c) in the command-line utilities curl and tiny-curl, which allows a attacker to disclose protected information

The vulnerability of the toolcbwrt component src/toolcbwrt.c in the command-line utilities curl and tiny-curl is related to a shift of one index position in the array index beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose...

PT-2024-1741 · Tiny-Curl +2 · Tiny-Curl +2

Name of the Vulnerable Software and Affected Versions: curl versions 8.4.0 through 8.5.0 tiny-curl version 8.4.0 Description: The issue is related to an off-by-one out-of-bounds array index in the tool cb wrt component of the curl and tiny-curl utilities. This could allow a remote attacker to...