CVE-2020-8285

Published: Dec 14, 2020

Modified: Apr 16, 2026

PUBLISHED

Description

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

Vendor	Product	Versions
n/a	https://github.com/curl/curl	affected `libcurl 7.21.0 to and including 7.73.0`

Weaknesses (CWE)

CWE-674

References

https://hackerone.com/reports/1045844

x_refsource_MISC

https://github.com/curl/curl/issues/6255

x_refsource_MISC

https://curl.se/docs/CVE-2020-8285.html

x_refsource_MISC

FEDORA-2020-ceaf490686

vendor-advisory

x_refsource_FEDORA

[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update

mailing-list

x_refsource_MLIST

FEDORA-2020-7ab62c73bc

vendor-advisory

x_refsource_FEDORA

GLSA-202012-14

vendor-advisory

x_refsource_GENTOO

DSA-4881

vendor-advisory

x_refsource_DEBIAN

20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina

mailing-list

x_refsource_FULLDISC

https://www.oracle.com/security-alerts/cpuApr2021.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210122-0007/

x_refsource_CONFIRM

https://support.apple.com/kb/HT212325

x_refsource_CONFIRM

https://support.apple.com/kb/HT212326

x_refsource_CONFIRM

https://support.apple.com/kb/HT212327

x_refsource_CONFIRM

[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8

mailing-list

x_refsource_MLIST

[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8

mailing-list

x_refsource_MLIST

https://www.oracle.com//security-alerts/cpujul2021.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpujan2022.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpuapr2022.html

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-8285

Description

Affected Products

Weaknesses (CWE)

References