You are here

Home › Curl: Vulnerability fixed in Version 7.56.1

Curl: Vulnerability fixed in Version 7.56.1

Submitted on 29. November 2017 - 17:31 by rischi.
Last update on 30. November 2017 - 15:48.
IDs: 
CVE-2017-8818, CVE-2017-8817, CVE-2017-8816
Keywords: 
curl
Description: 

Curl released version 7.56.1 fixing three vulnerabilities [1].

No action required for Airlock WAF

Details:

  • CVE-2017-8818/CVE-2017-8816: SSL out of buffer access and NTLM buffer overflow via integer overflow. Both vulnerabilities affect 32-bit builds of curl. Airlock WAF runs on a 64-bit system.
  • CVE-2017-8817: FTP wildcard out of bounds read. FTP is not used by Airlock WAF.
Resolution: 

no action required

Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
No action required
Reference: 
Vulnerabilities in curl 7.56.1
© Ergon Informatik AG