Your submission was sent successfully! Close

CVE-2020-8169

Published: 24 June 2020

curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).

Notes

AuthorNote
mdeslaur
introduced in 7.62.0
Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
curl
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
eoan
Released (7.65.3-1ubuntu3.1)
focal
Released (7.68.0-1ubuntu2.1)
precise Not vulnerable
(code not present)
trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Not vulnerable
(code not present)