A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-5436 User=admin}