CVE-2017-8817

Published: 29 November 2017

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
curl
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 18.04 LTS (Bionic Beaver)
Released (7.57.0-1ubuntu1)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (7.47.0-1ubuntu2.5)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (7.35.0-1ubuntu2.13)