libcurl.so is vulnerable to arbitrary file overwrite. A logic flaw occurs when the -J flag is used together with -i option and are used in the reversed order. A malicious server will be able to overwrite arbitrary local files where the curl was executed by responding with malicious HTTP headers.

CPENameOperatorVersion
libcurl.sole4.6.0
curl:3.10eq7.66.0-r0
curl:3.12eq7.69.1-r0
curl:3.11eq7.67.0-r0
curleq7.64.0-r3
curleq7.29.0__57.el7
curleq7.29.0__46.el7
curleq7.29.0__54.el7
curleq7.29.0__54.el7_7.2
curleq7.29.0__51.el7

Name	Operator	Version
libcurl.so	le	4.6.0
curl:3.10	eq	7.66.0-r0
curl:3.12	eq	7.69.1-r0
curl:3.11	eq	7.67.0-r0
curl	eq	7.64.0-r3
curl	eq	7.29.0__57.el7
curl	eq	7.29.0__46.el7
curl	eq	7.29.0__54.el7
curl	eq	7.29.0__54.el7_7.2
curl	eq	7.29.0__51.el7