Your submission was sent successfully! Close

CVE-2019-5481

Published: 11 September 2019

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
curl
Launchpad, Ubuntu, Debian 		bionic
Released (7.58.0-2ubuntu3.8)
disco
Released (7.64.0-2ubuntu1.2)
precise Not vulnerable
(code not present)
trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Not vulnerable
(code not present)
Patches:
upstream: https://github.com/curl/curl/commit/9069838b30fb3b48af0123e39f664cea683254a5

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading