Your submission was sent successfully! Close

CVE-2017-8817

Published: 29 November 2017

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
curl
Launchpad, Ubuntu, Debian
artful
Released (7.55.1-1ubuntu2.2)
precise
Released (7.22.0-3ubuntu4.19)
trusty
Released (7.35.0-1ubuntu2.13)
upstream Needs triage

xenial
Released (7.47.0-1ubuntu2.5)
zesty
Released (7.52.1-4ubuntu1.4)