You are here

libcurl URL decode buffer boundary flaw

IDs: 
CVE-2013-2174, CB-K13/0425
Keywords: 
libcurl
Description: 

A buffer boundary flaw has been found in a URL decode function of libcurl up to version 7.30.0. The affected function curl_easy_unescape() is not directly used by Airlock. Potential indirect calls (within libcurl) to the function can not be exploited because the critical parameter of the function can not be influenced by the client.

Resolution: 

no action required.

Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
No action required