curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| haxx | curl | 7.20.0 - 7.70.0 | - |
| debian | debian_linux | - | - |
| fujitsu | m10-1_firmware | xcp2410 |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
18
Affected Products
10
References
haxx / curl
| - |
| fujitsu | m10-4_firmware | xcp2410 | - |
| fujitsu | m10-4s_firmware | xcp2410 | - |
| fujitsu | m12-1_firmware | xcp2410 | - |
| fujitsu | m12-2_firmware | xcp2410 | - |
| fujitsu | m12-2s_firmware | xcp2410 | - |
| fujitsu | m10-1_firmware | xcp3110 | - |
| fujitsu | m10-4_firmware | xcp3110 | - |
| fujitsu | m10-4s_firmware | xcp3110 | - |
| fujitsu | m12-1_firmware | xcp3110 | - |
| fujitsu | m12-2_firmware | xcp3110 | - |
| fujitsu | m12-2s_firmware | xcp3110 | - |
| siemens | sinec_infrastructure_network_services | 1.0.1.1 | - |
| splunk | universal_forwarder | 8.2.0 - 8.2.12 | - |
| splunk | universal_forwarder | 9.0.0 - 9.0.6 | - |
| splunk | universal_forwarder | - | - |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact