Amazon Linux 2 : curl (ALAS-2018-1052)
High Nessus Plugin ID 111606
SynopsisThe remote Amazon Linux 2 host is missing a security update.
DescriptionA heap-based buffer overflow has been found in the Curl_smtp_escape_eob() function of curl. An attacker could exploit this by convincing a user to use curl to upload data over SMTP with a reduced buffer to cause a crash or corrupt memory.(CVE-2018-0500)
SolutionRun 'yum update curl' to update your system.