libcurl prior to 7.65.0 contains two integer overflows in the curl_url_set() function that if triggered, can lead to a too small buffer allocation and a subsequent heap buffer overflow. The flaws only exist on 32 bit architectures and require excessive string input lengths.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
haxx curl |