Your submission was sent successfully! Close

CVE-2017-8817

Published: 29 November 2017

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
curl
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus)
Released (7.47.0-1ubuntu2.5)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (7.35.0-1ubuntu2.13)