Denial Of Service (DoS)

2021-07-0506:41:15

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

60.0%

JSON

libcurl.so is vulnerable to denial of service. A heap-based buffer overflow when setting protocol given a URL without a scheme part allows an attacker to cause a denial of service condition in the application.

CPENameOperatorVersion
curlle7.30.0.2
libcurl.sole4.6.0.debug
curlle7.30.0.2
libcurl.sole4.6.0.debug

Name	Operator	Version
curl	le	7.30.0.2
libcurl.so	le	4.6.0.debug
curl	le	7.30.0.2
libcurl.so	le	4.6.0.debug

References

openwall.com/lists/oss-security/2017/06/14/1

www.securityfocus.com/bid/99120

www.securitytracker.com/id/1038697

curl.haxx.se/docs/adv_20170614.html

github.com/curl/curl/commit/5d7952f52e410e1d4a8ff1965e5cc6fc1bde86aa

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for VERACODE:31124