CVE-2018-16842
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
Date published : 2018-10-31
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842
https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211