CVE-2020-8177

Sažetak

curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2020-8177.html
https://hackerone.com/reports/887462
https://www.debian.org/security/2021/dsa-4881
https://www.oracle.com/security-alerts/cpujan2022.html

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

27-03-2024 - 16:04

Objavljeno

14-12-2020 - 20:15