[3.5] curl: IMAP FETCH response out of bounds read (CVE-2017-1000257)ID: oval:org.secpod.oval:def:1800848 | Date: (C)2018-03-28 (M)2022-09-07 |
Class: PATCH | Family: unix |
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that data with a pointer and the size to the deliver-data function. Affected versions libcurl 7.20.0 to and including 7.56.0 Not affected versions libcurl = 7.56.1
Platform: |
Alpine Linux 3.5 |