Lucene search
Veracode Vulnerability DatabaseVERACODE:6471HistoryJun 01, 2018 - 7:38 a.m.
Out Of Bound Reads (OOB)
2018-06-0107:38:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.022 Low
EPSS
Percentile
89.5%
libcurl.so is vulnerable to out of bound(OOB) reads. When an IMAP FETCH response showing the size of the returned data is zero, libcurlโs deliver-data function calls the strlen function which can lead to out of bound reads on the heap and/or crashes the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libcurl.so | le | 4.4.0 |
Related
openvas
openvas
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1237)
2020-01-23 00:00:00
Debian: Security Advisory (DSA-4007-1)
2017-10-26 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2017-1313)
2020-01-23 00:00:00
nessus
nessus
Oracle Linux 7 : curl (ELSA-2017-3263)
2017-11-28 00:00:00
Amazon Linux AMI : curl (ALAS-2017-922)
2017-11-21 00:00:00
Scientific Linux Security Update : curl on SL7.x x86_64 (20171127)
2017-11-28 00:00:00
redhat
redhat
(RHSA-2017:3263) Moderate: curl security update
2017-11-27 13:58:28
(RHSA-2018:2486) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
2018-08-16 16:05:21
(RHSA-2018:3558) Moderate: httpd24 security, bug fix, and enhancement update
2018-11-13 08:00:33
archlinux
archlinux
[ASA-201711-11] libcurl-gnutls: information disclosure
2017-11-02 00:00:00
[ASA-201711-8] lib32-libcurl-compat: information disclosure
2017-11-02 00:00:00
[ASA-201711-7] lib32-curl: information disclosure
2017-11-02 00:00:00
oraclelinux
oraclelinux
curl security update
2017-11-27 00:00:00
slackware
slackware
[slackware-security] curl
2017-10-24 05:55:47
ubuntucve
ubuntucve
CVE-2017-1000257
2017-10-23 00:00:00
osv
osv
curl - security update
2017-10-27 00:00:00
curl - security update
2017-10-24 00:00:00
CVE-2017-1000257
2017-10-31 21:29:00
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by a denial of service vulnerability in cURL (CVE-2017-1000257)
2018-06-16 22:04:36
Security Bulletin: IBM Security Access Manager Appliance is affected by a cURL vulnerability (CVE-2017-1000257)
2018-08-21 19:47:29
Security Bulletin: A vulnerability in curl affects PowerKVM
2018-06-18 01:40:48
nvd
nvd
CVE-2017-1000257
2017-10-31 21:29:00
prion
prion
Heap overflow
2017-10-31 21:29:00
cvelist
cvelist
CVE-2017-1000257
2017-10-31 21:00:00
redhatcve
redhatcve
CVE-2017-1000257
2017-10-23 06:19:18
ubuntu
ubuntu
curl vulnerability
2017-10-23 00:00:00
curl vulnerabilities
2017-10-23 00:00:00
centos
centos
curl, libcurl security update
2017-11-27 18:26:45
debian
debian
[SECURITY] [DSA 4007-1] curl security update
2017-10-27 20:15:10
[SECURITY] [DLA 1143-1] curl security update
2017-10-24 20:38:14
cloudfoundry
cloudfoundry
USN-3457-1: curl vulnerability | Cloud Foundry
2017-11-27 00:00:00
amazon
amazon
Medium: curl
2017-11-15 19:54:00
Medium: curl
2019-02-16 00:34:00
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.56.1-alt1
2017-10-23 00:00:00
veracode
veracode
Out Of Bound Reads (OOB)
2019-01-15 09:21:02
alpinelinux
alpinelinux
CVE-2017-1000257
2017-10-31 21:29:00
cve
cve
CVE-2017-1000257
2017-10-31 21:29:00
debiancve
debiancve
CVE-2017-1000257
2017-10-31 21:29:00
freebsd
freebsd
cURL -- out of bounds read
2017-10-23 00:00:00
hackerone
hackerone
fedora
fedora
[SECURITY] Fedora 27 Update: curl-7.55.1-7.fc27
2017-11-11 13:48:30
[SECURITY] Fedora 26 Update: curl-7.53.1-12.fc26
2017-11-01 00:13:45
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2017-0050
2017-12-07 00:00:00
Critical Photon OS Security Update - PHSA-2017-0088
2017-11-30 00:00:00
Critical Photon OS Security Update - PHSA-2017-0004
2017-12-06 00:00:00
mageia
mageia
Updated curl packages fix security vulnerability
2018-01-03 19:40:26
Updated curl packages fix security vulnerability
2018-01-03 19:40:26
gentoo
gentoo
cURL: Multiple vulnerabilities
2017-12-14 00:00:00