CVE-2019-5436

Published: May 28, 2019
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-5436" target="_blank" rel="noopener"> CVE-2019-5436
Severity: High
Exploit:

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
haxx / libcurl	7.19.4	7.64.1.x
opensuse / leap	42.3	42.3.x
opensuse / leap	15.0	15.0.x
opensuse / leap	15.1	15.1.x
fedoraproject / fedora	29	29.x
debian / debian_linux	9.0	9.0.x
debian / debian_linux	10.0	10.0.x
f5 / traffix_signaling_delivery_controller	5.0.0	5.1.0.x
oracle / enterprise_manager_ops_center	12.3.3	12.3.3.x
oracle / enterprise_manager_ops_center	12.4.0	12.4.0.x
oracle / mysql_server	-	5.7.27.x
oracle / mysql_server	5.7.28	8.0.17.x
oracle / oss_support_tools	20.0	20.0.x