Your submission was sent successfully! Close

CVE-2016-9594

Published: 23 April 2018

curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.

Priority

Medium

CVSS 3 base score: 8.1

Status

Package Release Status
curl
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Not vulnerable

upstream Needs triage

xenial Not vulnerable

yakkety Not vulnerable