CVE-2020-8285

high Splunk
CVSS v3 Base Score
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.7%
Exploitation probability in 30 days
Top 27% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Published: December 14, 2020 (1977 days ago)
Last Modified: April 16, 2026
Vendor: Splunk
Source: NVD

Description

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

CWE

CWE-674

Affected Products

haxx libcurldebian debian linuxfedoraproject fedoranetapp clustered data ontapnetapp hci management nodenetapp solidfirenetapp hci bootstrap osnetapp hci storage node firmwareapple mac os xapple macos

References

🔗 seclists.org 🔗 cert-portal.siemens.com 🔗 curl.se 🔗 github.com 🔗 hackerone.com