VulnerableCode Package Details - pkg:alpm/archlinux/curl@7.62.0-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-juzu-eydf-aaaa	A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.	CVE-2018-16840
VCID-uhyn-bd8d-aaak	Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.	CVE-2018-16842

Vulnerability

Summary

Aliases

VCID-juzu-eydf-aaaa

A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.

CVE-2018-16840

VCID-uhyn-bd8d-aaak

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

CVE-2018-16842

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:00.892094+00:00	Arch Linux Importer	Fixing	VCID-juzu-eydf-aaaa	https://security.archlinux.org/AVG-795	36.0.0
2025-03-28T07:46:00.868746+00:00	Arch Linux Importer	Fixing	VCID-uhyn-bd8d-aaak	https://security.archlinux.org/AVG-795	36.0.0
2024-10-20T17:34:01.640716+00:00	Arch Linux Importer	Fixing	VCID-juzu-eydf-aaaa	https://security.archlinux.org/AVG-795	34.0.2
2024-10-20T17:34:01.614969+00:00	Arch Linux Importer	Fixing	VCID-uhyn-bd8d-aaak	https://security.archlinux.org/AVG-795	34.0.2
2024-09-18T02:01:04.513399+00:00	Arch Linux Importer	Fixing	VCID-juzu-eydf-aaaa	https://security.archlinux.org/AVG-795	34.0.1
2024-09-18T02:01:04.487178+00:00	Arch Linux Importer	Fixing	VCID-uhyn-bd8d-aaak	https://security.archlinux.org/AVG-795	34.0.1
2024-01-31T12:09:57.225755+00:00	Arch Linux Importer	Fixing	VCID-juzu-eydf-aaaa	https://security.archlinux.org/AVG-795	34.0.0rc2
2024-01-31T12:09:57.203933+00:00	Arch Linux Importer	Fixing	VCID-uhyn-bd8d-aaak	https://security.archlinux.org/AVG-795	34.0.0rc2
2024-01-03T22:27:20.501996+00:00	Arch Linux Importer	Fixing	VCID-juzu-eydf-aaaa	https://security.archlinux.org/AVG-795	34.0.0rc1
2024-01-03T22:27:20.475155+00:00	Arch Linux Importer	Fixing	VCID-uhyn-bd8d-aaak	https://security.archlinux.org/AVG-795	34.0.0rc1