Total vulnerabilities in the database
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
| Software | From | Fixed in |
|---|---|---|
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 7.0 | 7.0.x |
| debian / debian_linux | 9.0 | 9.0.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 17.10 | 17.10.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| haxx / curl | 7.20.0 | 7.59.0.x |
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| oracle / enterprise_manager_ops_center | 12.2.2 | 12.2.2.x |
| oracle / peoplesoft_enterprise_peopletools | 8.55 | 8.55.x |
| oracle / peoplesoft_enterprise_peopletools | 8.56 | 8.56.x |
| oracle / enterprise_manager_ops_center | 12.3.3 | 12.3.3.x |
| oracle / peoplesoft_enterprise_peopletools | 8.57 | 8.57.x |
| oracle / communications_webrtc_session_controller | - | 7.2 |