Multiple vulnerabilities were discovered in cURL, an URL transfer library. CVE-2019-5436 A heap buffer overflow in the TFTP receiving code was discovered, which could allow DoS or arbitrary code execution. This only affects the oldstable distribution . CVE-2019-5481 Thomas Vegas discovered a double-free in the FTP-KRB code, triggered by a malicious server sending a very large data block. CVE-2019- ...