2 matches found
Amazon Linux 2 : curl (ALAS-2021-1653)
The version of curl installed on the remote host is prior to 7.61.1-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1653 advisory. It was discovered that libcurl did not remove authentication credentials from URLs when automatically populating the Refere...
curl security update
7.61.1-12 - double free due to subsequent call of realloc CVE-2019-5481 - fix heap buffer overflow in function tftpreceivepacket CVE-2019-5482 - fix TFTP receive buffer overflow CVE-2019-5436...