Double-Free Vulnerability in libcurl API Function Affecting Multiple Versions
CVE-2016-8618
5.3 MEDIUM
What is CVE-2016-8618?
The libcurl API function curl_maprintf() prior to version 7.51.0 is susceptible to a double-free vulnerability. This issue arises from an unsafe multiplication involving size_t, particularly affecting systems that utilize 32-bit size_t variables. If exploited, this vulnerability could allow malicious actors to manipulate memory, potentially leading to application crashes and the execution of arbitrary code. Users of affected versions are advised to update to the latest version to mitigate this risk.
Affected Version(s)
curl 7.51.0