[Git][security-tracker-team/security-tracker][master] Add CVE-2019-5481/curl
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 11 07:39:57 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dbdc16e6 by Salvatore Bonaccorso at 2019-09-11T06:39:27Z
Add CVE-2019-5481/curl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30955,8 +30955,12 @@ CVE-2019-5483 (Seneca < 3.9.0 contains a vulnerability that could lead to exp
TODO: check
CVE-2019-5482
RESERVED
-CVE-2019-5481
+CVE-2019-5481 [FTP-KRB double-free]
RESERVED
+ - curl <unfixed>
+ NOTE: https://curl.haxx.se/docs/CVE-2019-5481.html
+ NOTE: Introduced by: https://github.com/curl/curl/commit/0649433da53c7165f839e24e889e131e2894dd32 (curl-7_52_0)
+ NOTE: Fixed by: https://github.com/curl/curl/commit/9069838b30fb3b48af0123e39f664cea683254a5 (curl-7_66_0)
CVE-2019-5480 (A path traversal vulnerability in <= v0.9.7 of statichttpserver npm ...)
TODO: check
CVE-2019-5479 (An unintended require vulnerability in <v0.5.5 larvitbase-api may a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dbdc16e6ba7e763da89caf45c701ced04fbdd277
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dbdc16e6ba7e763da89caf45c701ced04fbdd277
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190911/3c7ef526/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list