You are here

Curl: Vulnerability fixed in Version 7.56.1

Affects product: 
Airlock WAF
IDs: 
CVE-2017-8818, CVE-2017-8817, CVE-2017-8816
Keywords: 
curl
Description: 

Curl released version 7.56.1 fixing three vulnerabilities [1].

No action required for Airlock WAF

Details:

  • CVE-2017-8818/CVE-2017-8816: SSL out of buffer access and NTLM buffer overflow via integer overflow. Both vulnerabilities affect 32-bit builds of curl. Airlock WAF runs on a 64-bit system.
  • CVE-2017-8817: FTP wildcard out of bounds read. FTP is not used by Airlock WAF.
Resolution: 

no action required

Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
No action required