Versions mentioned in the description apply to the upstream
Remediation section below for
Amzn:2 relevant versions.
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2018-0500: 1597101: CVE-2018-0500 curl: Heap-based buffer overflow in Curl_smtp_escape_eob() when uploading data over SMTP A heap-based buffer overflow has been found in the Curl_smtp_escape_eob() function of curl. An attacker could exploit this by convincing a user to use curl to upload data over SMTP with a reduced buffer to cause a crash or corrupt memory.
curl to version 7.55.1-12.amzn2.0.5 or higher.