VulniosVulnios
All Threat Alerts
criticalCVE Alert
CVE-2019-5482

Critical Vulnerability: CVE-2019-5482 — haxx, fedoraproject — curl, fedora

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Wednesday, April 15, 2026haxx, fedoraprojectVulnios Threat Intelligence
Share:

Executive Summary

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Why It Matters

CVE-2019-5482 is rated CRITICAL severity, requiring immediate attention from security teams.

CVSS Base Score: 9.8/10

EPSS (Exploit Prediction): 6.9% probability of exploitation in the next 30 days.

Affected Technologies

Vendors: haxx, fedoraproject, opensuse, netapp, oracle, debian

Products: curl, fedora, leap, cloud_backup, oncommand_insight, oncommand_unified_manager, oncommand_workflow_automation, snapcenter, steelstore_cloud_integrated_storage, communications_operations_monitor, communications_session_border_controller, enterprise_manager_ops_center, http_server, hyperion_essbase, mysql_server, oss_support_tools, debian_linux

🛡️What Defenders Should Check

  • Check if you are affected — Review your asset inventory for products listed in CVE-2019-5482.
  • Apply available patches — Visit vendor advisories for the latest security updates.
  • Monitor for exploitation — Check your SIEM/IDS logs for related indicators.

    • Use Vulnios to continuously monitor your exposure to CVE-2019-5482 and similar vulnerabilities.

    References & Sources

  • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html
  • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html
  • https://curl.haxx.se/docs/CVE-2019-5482.html
  • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/
  • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/
  • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/
  • https://seclists.org/bugtraq/2020/Feb/36
  • https://security.gentoo.org/glsa/202003-29
  • https://security.netapp.com/advisory/ntap-20191004-0003/
  • https://security.netapp.com/advisory/ntap-20200416-0003/

    • AI Security Advisor

    Powered by Gemini

    Get AI-powered security recommendations tailored to this specific threat — including risk assessment, detection guidance, MITRE ATT&CK mapping, and actionable remediation steps.

    Affected Products

    curlfedoraleapcloud_backuponcommand_insightoncommand_unified_manageroncommand_workflow_automationsnapcentersteelstore_cloud_integrated_storagecommunications_operations_monitor

    Sources

    critical

    Protect Your Organization

    Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.

    Get Started FreeFree Security ScanOSINT Dashboard

    Get instant alerts on Telegram

    Join our public channel for real-time critical CVE alerts.

    Follow @vulnios