libcurl.so is vulnerable to denial of service. A heap-based buffer overflow occurs when closing an FTP connection with long server command reply, allowing a remote attacker to crash the process and potentially execute arbitrary code.
www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
www.securityfocus.com/bid/104207
www.securitytracker.com/id/1040933
curl.haxx.se/docs/adv_2018-82c2.html
curl.haxx.se/docs/CVE-2018-1000300.html
security.gentoo.org/glsa/201806-05
usn.ubuntu.com/3648-1/
www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html