CVE-2020-8285

Опубликовано: 14 дек. 2020

Источник: debian

EPSS Низкий

Описание

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

Пакет	Статус	Версия исправления	Релиз	Тип
curl	fixed	7.74.0-1		package

https://curl.se/docs/CVE-2020-8285.html
https://github.com/curl/curl/issues/6255
https://github.com/curl/curl/commit/69a358f2186e04cf44698b5100332cbf1ee7f01d (curl-7_74_0)

EPSS

Процентиль: 69%

0.00594

Низкий

CVE-2020-8285

CVSS3: 7.5

ubuntu

около 5 лет назад

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

CVE-2020-8285

CVSS3: 6.5

redhat

около 5 лет назад

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

CVE-2020-8285

CVSS3: 7.5

nvd

около 5 лет назад

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

CVE-2020-8285

CVSS3: 7.5

msrc

около 5 лет назад

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

GHSA-4p2h-jggv-23jg

CVSS3: 7.5

github

больше 3 лет назад

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

EPSS

Процентиль: 69%

0.00594

Низкий