A vulnerability was found in libapreq2 through 2.13 where multipart parser can be made dereference the null pointer by issuing a simple CURL command. Reference: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939937
Created libapreq2 tracking bugs for this issue: Affects: epel-all [bug 1758454] Affects: fedora-all [bug 1758453]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.