DISTRHO-Ports icon indicating copy to clipboard operation
DISTRHO-Ports copied to clipboard
verified publisher icon DISTRHO

Potential Vulnerability in Cloned Code

Open tabudz opened this issue 1 month ago • 0 comments

Summary

Our tool detected a potential vulnerability in libs/juced/source/dependancies/curl/lib/tftp.c which was cloned from curl/curl but did not receive the security patch applied. The original issue was reported and fixed under https://nvd.nist.gov/vuln/detail/cve-2019-5482.

Proposed Fix

Apply the same patch as the one in curl/curl to eliminate the vulnerability.

Reference

https://nvd.nist.gov/vuln/detail/cve-2019-5482 https://github.com/curl/curl/commit/facb0e4662415b5f28163e853dc6742ac5fafb3d

tabudz avatar Dec 18 '25 06:12 tabudz