VulnerableCode Package Details - pkg:alpm/archlinux/curl@7.54.1-2

Search for packages

Vulnerability	Summary	Fixed by
VCID-4fah-w821-aaap Aliases: CVE-2017-1000100	When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn't restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl's redirect protocols with --proto-redir and libcurl's with CURLOPT_REDIR_PROTOCOLS.	7.55-1 Affected by 0 other vulnerabilities.
VCID-mmab-matt-aaaj Aliases: CVE-2017-1000101	curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.	7.55-1 Affected by 0 other vulnerabilities.
VCID-rgn4-k12p-aaae Aliases: CVE-2017-1000099	When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provide callback), which could lead to other private data from the heap to get inadvertently displayed. The wrong buffer was an uninitialized memory area allocated on the heap and if it turned out to not contain any zero byte, it would continue and display the data following that buffer in memory.	7.55-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-4fah-w821-aaap
Aliases:
CVE-2017-1000100

When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn't restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl's redirect protocols with --proto-redir and libcurl's with CURLOPT_REDIR_PROTOCOLS.

7.55-1
Affected by 0 other vulnerabilities.

VCID-mmab-matt-aaaj
Aliases:
CVE-2017-1000101

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.

7.55-1
Affected by 0 other vulnerabilities.

VCID-rgn4-k12p-aaae
Aliases:
CVE-2017-1000099

When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provide callback), which could lead to other private data from the heap to get inadvertently displayed. The wrong buffer was an uninitialized memory area allocated on the heap and if it turned out to not contain any zero byte, it would continue and display the data following that buffer in memory.

7.55-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:58.187338+00:00	Arch Linux Importer	Affected by	VCID-rgn4-k12p-aaae	https://security.archlinux.org/AVG-370	36.0.0
2025-03-28T07:46:58.166252+00:00	Arch Linux Importer	Affected by	VCID-4fah-w821-aaap	https://security.archlinux.org/AVG-370	36.0.0
2025-03-28T07:46:58.145808+00:00	Arch Linux Importer	Affected by	VCID-mmab-matt-aaaj	https://security.archlinux.org/AVG-370	36.0.0
2024-10-20T17:34:03.784539+00:00	Arch Linux Importer	Affected by	VCID-rgn4-k12p-aaae	https://security.archlinux.org/AVG-370	34.0.2
2024-10-20T17:34:03.759040+00:00	Arch Linux Importer	Affected by	VCID-4fah-w821-aaap	https://security.archlinux.org/AVG-370	34.0.2
2024-10-20T17:34:03.729302+00:00	Arch Linux Importer	Affected by	VCID-mmab-matt-aaaj	https://security.archlinux.org/AVG-370	34.0.2
2024-09-18T02:02:19.715441+00:00	Arch Linux Importer	Affected by	VCID-rgn4-k12p-aaae	https://security.archlinux.org/AVG-370	34.0.1
2024-09-18T02:02:19.688552+00:00	Arch Linux Importer	Affected by	VCID-4fah-w821-aaap	https://security.archlinux.org/AVG-370	34.0.1
2024-09-18T02:02:19.662984+00:00	Arch Linux Importer	Affected by	VCID-mmab-matt-aaaj	https://security.archlinux.org/AVG-370	34.0.1
2024-01-31T12:10:01.114401+00:00	Arch Linux Importer	Affected by	VCID-rgn4-k12p-aaae	https://security.archlinux.org/AVG-370	34.0.0rc2
2024-01-31T12:10:01.092718+00:00	Arch Linux Importer	Affected by	VCID-4fah-w821-aaap	https://security.archlinux.org/AVG-370	34.0.0rc2
2024-01-31T12:10:01.070813+00:00	Arch Linux Importer	Affected by	VCID-mmab-matt-aaaj	https://security.archlinux.org/AVG-370	34.0.0rc2
2024-01-03T22:28:21.483387+00:00	Arch Linux Importer	Affected by	VCID-rgn4-k12p-aaae	https://security.archlinux.org/AVG-370	34.0.0rc1
2024-01-03T22:28:21.461979+00:00	Arch Linux Importer	Affected by	VCID-4fah-w821-aaap	https://security.archlinux.org/AVG-370	34.0.0rc1
2024-01-03T22:28:21.437685+00:00	Arch Linux Importer	Affected by	VCID-mmab-matt-aaaj	https://security.archlinux.org/AVG-370	34.0.0rc1

2025-03-28T07:46:58.187338+00:00

Arch Linux Importer

Affected by

Next non-vulnerable version	7.55-1
Latest non-vulnerable version	8.14.1-1
Risk	4.5