The libcurl API function called curl_maprintf() before version 7.51.0 can be tricked into doing a double-free due to an unsafe size_t multiplication, on systems using 32 bit size_t variables.

CPENameOperatorVersion
curllt7.51.0

CPE	Name	Operator	Version
	curl	lt	7.51.0

References

www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

www.securityfocus.com/bid/94098

www.securitytracker.com/id/1037192

access.redhat.com/errata/RHSA-2018:2486

access.redhat.com/errata/RHSA-2018:3558

bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8618

curl.haxx.se/docs/adv_20161102D.html

security.gentoo.org/glsa/201701-47

www.tenable.com/security/tns-2016-21

f5 1

redhatcve 1

ubuntucve 1

nessus 25

osv 3

cvelist 1

nvd 1

debiancve 1

cve 1

alpinelinux 1

veracode 1

ibm 4

archlinux 3

debian 2

openvas 17

fedora 2

oraclelinux 6

amazon 1

suse 6

freebsd 1

altlinux 1

slackware 1

cloudfoundry 1

ubuntu 1

ics 1

mageia 1

gentoo 1

rosalinux 1

redhat 2

apple 2

oracle 2

K10196624 : libcurl vulnerability CVE-2016-8618

2017-04-21 00:00:00

redhatcve

CVE-2016-8618

2016-11-02 08:47:22

ubuntucve

CVE-2016-8618

2016-11-02 00:00:00

nessus

F5 Networks BIG-IP : libcurl vulnerability (K10196624)

2017-12-26 00:00:00

OracleVM 3.4 : curl (OVMSA-2020-0035)

2020-09-02 00:00:00

Debian DLA-711-1 : curl security update

2016-11-18 00:00:00

osv

CVE-2016-8618

2018-07-31 21:29:00

curl - security update

2016-11-17 00:00:00

curl - security update

2016-11-03 00:00:00

cvelist

CVE-2016-8618

2018-07-31 21:00:00

nvd

CVE-2016-8618

2018-07-31 21:29:00

debiancve

CVE-2016-8618

2018-07-31 21:29:00

cve

CVE-2016-8618

2018-07-31 21:29:00

alpinelinux

CVE-2016-8618

2018-07-31 21:29:00

veracode

Memory Leak

2018-08-01 10:15:27

ibm

Security Bulletin: Multiple vulnerabilities in curl affect IBM Flex System Manager (FSM)

2018-06-18 01:36:39

Security Bulletin: Vulnerabilities in cURL affect IBM Flex System Chassis Management Module (CMM)

2019-01-31 02:25:02

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in curl

2019-01-31 02:25:02

archlinux

[ASA-201611-5] lib32-libcurl-compat: multiple issues

2016-11-02 00:00:00

[ASA-201611-10] lib32-libcurl-gnutls: multiple issues

2016-11-03 00:00:00

[ASA-201611-4] lib32-curl: multiple issues

2016-11-02 00:00:00

debian

[SECURITY] [DLA 711-1] curl security update

2016-11-17 21:45:07

[SECURITY] [DSA 3705-1] curl security update

2016-11-03 23:07:00

openvas

Debian: Security Advisory (DLA-711-1)

2023-03-08 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2017-1036)

2020-01-23 00:00:00

Fedora Update for curl FEDORA-2016-e8e8cdb4ed

2016-12-02 00:00:00

fedora

[SECURITY] Fedora 24 Update: curl-7.47.1-9.fc24

2016-11-06 00:28:22

[SECURITY] Fedora 25 Update: curl-7.51.0-1.fc25

2016-11-19 21:51:02

oraclelinux

curl security update

2020-10-06 00:00:00

curl security and bug fix update

2019-07-30 00:00:00

curl security and bug fix update

2019-08-13 00:00:00

amazon

Medium: curl

2016-11-10 18:00:00

suse

Security update for curl (important)

2016-11-02 16:07:53

Security update for curl (important)

2016-11-10 17:06:47

Security update for curl (important)

2016-11-03 15:08:42

freebsd

cURL -- multiple vulnerabilities

2016-11-02 00:00:00

altlinux

Security fix for the ALT Linux 8 package curl version 7.51.0-alt1

2016-11-02 00:00:00

slackware

[slackware-security] curl

2016-11-04 03:34:42

cloudfoundry

USN-3123-1: curl vulnerabilities | Cloud Foundry

2016-12-13 00:00:00

ubuntu

curl vulnerabilities

2016-11-03 00:00:00

ics

Hitachi Energy MSM Product

2022-08-30 12:00:00

mageia

Updated curl packages fix security vulnerability

2018-01-03 19:40:26

gentoo

cURL: Multiple vulnerabilities

2017-01-19 00:00:00

rosalinux

Advisory ROSA-SA-2021-1818

2021-07-02 16:36:57

redhat

(RHSA-2018:2486) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update

2018-08-16 16:05:21

(RHSA-2018:3558) Moderate: httpd24 security, bug fix, and enhancement update

2018-11-13 08:00:33

apple

About the security content of macOS Sierra 10.12.2, Security Update 2016-003 El Capitan, and Security Update 2016-007 Yosemite

2016-12-13 00:00:00

About the security content of macOS Sierra 10.12.2, Security Update 2016-003 El Capitan, and Security Update 2016-007 Yosemite - Apple Support

2020-07-27 08:14:17

oracle

Oracle Critical Patch Update - October 2018

2018-12-18 00:00:00

Oracle Critical Patch Update Advisory - April 2017

2017-04-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.8 Medium

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

86.0%

JSON

Related for PRION:CVE-2016-8618