CVE-2020-8177
- Source
- https://cve.org/CVERecord?id=CVE-2020-8177
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8177.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-8177
- Aliases
- Downstream
- Related
- Published
- 2020-12-14T20:15:13.497Z
- Modified
- 2026-04-16T00:06:07.909176666Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "extracted_events": [ { "fixed": "1.0.1.1" } ], "cpe": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "introduced": "8.2.0" }, { "fixed": "8.2.12" }, { "introduced": "9.0.0" }, { "fixed": "9.0.6" } ], "cpe": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "9.1.0" } ], "cpe": "cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "10.0" } ], "cpe": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "fixed": "xcp2410" }, { "fixed": "xcp3110" } ], "cpe": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "fixed": "xcp2410" }, { "fixed": "xcp3110" } ], "cpe": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "fixed": "xcp2410" }, { "fixed": "xcp3110" } ], "cpe": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "fixed": "xcp2410" }, { "fixed": "xcp3110" } ], "cpe": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "fixed": "xcp2410" }, { "fixed": "xcp3110" } ], "cpe": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "fixed": "xcp2410" }, { "fixed": "xcp3110" } ], "cpe": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*" } ] }- References
Affected packages
Git / github.com/curl/curl
Affected versions
Other
curl-7_20_0
curl-7_20_1
curl-7_21_0
curl-7_21_1
curl-7_21_2
curl-7_21_3
curl-7_21_4
curl-7_21_5
curl-7_21_6
curl-7_21_7
curl-7_22_0
curl-7_23_0
curl-7_23_1
curl-7_25_0
curl-7_26_0
curl-7_27_0
curl-7_28_0
curl-7_28_1
curl-7_29_0
curl-7_30_0
curl-7_31_0
curl-7_32_0
curl-7_33_0
curl-7_34_0
curl-7_35_0
curl-7_36_0
curl-7_37_0
curl-7_37_1
curl-7_38_0
curl-7_39_0
curl-7_40_0
curl-7_41_0
curl-7_42_0
curl-7_43_0
curl-7_44_0
curl-7_45_0
curl-7_46_0
curl-7_47_0
curl-7_47_1
curl-7_48_0
curl-7_49_0
curl-7_49_1
curl-7_50_0
curl-7_50_1
curl-7_50_2
curl-7_50_3
curl-7_51_0
curl-7_52_0
curl-7_52_1
curl-7_53_0
curl-7_53_1
curl-7_54_0
curl-7_54_1
curl-7_55_0
curl-7_55_1
curl-7_56_0
curl-7_56_1
curl-7_57_0
curl-7_58_0
curl-7_59_0
curl-7_60_0
curl-7_61_0
curl-7_61_1
curl-7_62_0
curl-7_63_0
curl-7_64_0
curl-7_64_1
curl-7_65_0
curl-7_65_1
curl-7_65_2
curl-7_65_3
curl-7_66_0
curl-7_67_0
curl-7_68_0
curl-7_69_0
curl-7_69_1
curl-7_70_0