Double Free
CVE-2016-8619
Summary
The function `read_data()` in "security.c" in curl versions 7.3 through 7.50.3 is vulnerable to memory double free.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Advisory Timeline
- Published