{"id":"CURL-CVE-2019-5435","summary":"Integer overflows in URL parser","details":"libcurl contains two integer overflows in the `curl_url_set()` function that,\nif triggered, can lead to a too-small buffer allocation and a subsequent heap\nbuffer overflow.\n\nThe flaws only exist on 32-bit architectures and require excessively long\ninput strings.","aliases":["CVE-2019-5435"],"modified":"2025-11-12T00:50:45Z","published":"2019-05-22T08:00:00Z","database_specific":{"URL":"https://curl.se/docs/CVE-2019-5435.json","affects":"both","issue":"https://hackerone.com/reports/547630","severity":"Low","last_affected":"7.64.1","package":"curl","CWE":{"id":"CWE-131","desc":"Incorrect Calculation of Buffer Size"},"award":{"currency":"USD","amount":"150"},"www":"https://curl.se/docs/CVE-2019-5435.html"},"affected":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"7.62.0"},{"fixed":"7.65.0"}]},{"type":"GIT","repo":"https://github.com/curl/curl.git","events":[{"introduced":"fb30ac5a2d63773c529c19259754e2b306ac2e2e"},{"fixed":"5fc28510a4664f46459d9a40187d81cc08571e60"}]}],"versions":["7.64.1","7.64.0","7.63.0","7.62.0"],"database_specific":{"vanir_signatures":[{"id":"CURL-CVE-2019-5435-3d01b602","target":{"function":"seturl","file":"lib/urlapi.c"},"signature_type":"Function","digest":{"length":4035,"function_hash":"17111116627931576603258458591224325768"},"source":"https://github.com/curl/curl.git/commit/5fc28510a4664f46459d9a40187d81cc08571e60","deprecated":false,"signature_version":"v1"},{"id":"CURL-CVE-2019-5435-5f8b7610","target":{"function":"Curl_setstropt","file":"lib/setopt.c"},"signature_type":"Function","digest":{"length":211,"function_hash":"280153927549616949673385639853676244803"},"source":"https://github.com/curl/curl.git/commit/5fc28510a4664f46459d9a40187d81cc08571e60","deprecated":false,"signature_version":"v1"},{"id":"CURL-CVE-2019-5435-8089b0e0","target":{"file":"lib/urlapi.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["785548632589549565213
40357035373578254","330171497022742387851485872771399744851","262309584276055853606192772635916031948","198755321502617151848312325515365738517","14806714711641928770362352425253746313","195759364791479024806308952934440236640","167983348701526822267281029193914267877"]},"source":"https://github.com/curl/curl.git/commit/5fc28510a4664f46459d9a40187d81cc08571e60","deprecated":false,"signature_version":"v1"},{"id":"CURL-CVE-2019-5435-84d699b1","target":{"function":"curl_url_set","file":"lib/urlapi.c"},"signature_type":"Function","digest":{"length":4780,"function_hash":"205059320973945546455665219084683290377"},"source":"https://github.com/curl/curl.git/commit/5fc28510a4664f46459d9a40187d81cc08571e60","deprecated":false,"signature_version":"v1"},{"id":"CURL-CVE-2019-5435-ce5daf70","target":{"file":"lib/setopt.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["52391275176403602765405931494557147854","106635035286558634403921500768056542339","288242135262122401445381518083277879641"]},"source":"https://github.com/curl/curl.git/commit/5fc28510a4664f46459d9a40187d81cc08571e60","deprecated":false,"signature_version":"v1"}],"source":"https://curl.se/docs/CURL-CVE-2019-5435.json"}}],"schema_version":"1.7.3","credits":[{"name":"Wenchao Li","type":"FINDER"},{"name":"Daniel Stenberg","type":"REMEDIATION_DEVELOPER"}]}