Vulnerability CVE-2019-5482: Information
Description
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
MySQL | sisyphus | 8.0.19-alt1 | 8.0.37-alt1.1 | ALT-PU-2020-1220-1 | 245056 | Fixed |
MySQL | sisyphus_riscv64 | 8.0.27-alt1.0.rv64 | 8.0.37-alt0.port | ALT-PU-2021-4503-1 | - | Fixed |
MySQL | p10 | 8.0.19-alt1 | 8.0.36-alt1 | ALT-PU-2020-1220-1 | 245056 | Fixed |
MySQL | p9 | 8.0.19-alt2 | 8.0.26-alt2 | ALT-PU-2020-1827-1 | 250162 | Fixed |
MySQL | c10f1 | 8.0.19-alt1 | 8.0.37-alt1 | ALT-PU-2020-1220-1 | 245056 | Fixed |
MySQL | c9f2 | 8.0.19-alt2 | 8.0.36-alt0.c9.1 | ALT-PU-2020-1827-1 | 250162 | Fixed |
MySQL | p11 | 8.0.19-alt1 | 8.0.37-alt1.1 | ALT-PU-2020-1220-1 | 245056 | Fixed |
curl | sisyphus | 7.66.0-alt1 | 8.7.1-alt2 | ALT-PU-2019-2679-1 | 237384 | Fixed |
curl | p10 | 7.66.0-alt1 | 8.7.1-alt2 | ALT-PU-2019-2679-1 | 237384 | Fixed |
curl | p9 | 7.71.0-alt1 | 7.79.0-alt2 | ALT-PU-2020-2447-1 | 253931 | Fixed |
curl | c10f1 | 7.66.0-alt1 | 8.6.0-alt1 | ALT-PU-2019-2679-1 | 237384 | Fixed |
curl | c9f2 | 7.71.0-alt1 | 8.6.0-alt1 | ALT-PU-2020-2447-1 | 253931 | Fixed |
curl | p11 | 7.66.0-alt1 | 8.7.1-alt2 | ALT-PU-2019-2679-1 | 237384 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://curl.haxx.se/docs/CVE-2019-5482.html |
|
openSUSE-SU-2019:2149 |
|
openSUSE-SU-2019:2169 |
|
https://security.netapp.com/advisory/ntap-20191004-0003/ |
|
https://www.oracle.com/security-alerts/cpujan2020.html |
|
20200225 [SECURITY] [DSA 4633-1] curl security update |
|
DSA-4633 |
|
GLSA-202003-29 |
|
N/A |
|
https://security.netapp.com/advisory/ntap-20200416-0003/ |
|
https://www.oracle.com/security-alerts/cpuoct2020.html |
|
FEDORA-2019-9e6357d82f | |
FEDORA-2019-6d7f6fa2c8 | |
FEDORA-2019-f2a520135e |