0.007 Low
EPSS
Percentile
79.6%
curl is vulnerable to denial of service. An out bounds read in code handling HTTP/2 trailers can potentially lead to a denial-of-service situation or an information disclosure.
www.securitytracker.com/id/1040273
access.redhat.com/errata/RHSA-2019:1543
curl.haxx.se/docs/adv_2018-824a.html
github.com/curl/curl/pull/2231
usn.ubuntu.com/3554-1/
www.debian.org/security/2018/dsa-4098