What the vulnerability does

01Description

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Key dates

02Disclosure timeline

September 16, 2019 CVE published
April 15, 2026 Record updated