AVG-1337 log
| Package | curl |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 7.73.0-1 |
| Fixed | 7.74.0-1 |
| Current | 8.11.1-3 [core] |
| Ticket | None |
| Created | Wed Dec 9 10:01:08 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-8286 | Medium | Yes | Certificate verification bypass | A security issue was found in curl versions 7.41.0 up to and including 7.73.0. libcurl offers "OCSP stapling" via the CURLOPT_SSL_VERIFYSTATUS option. When... |
| CVE-2020-8285 | Medium | Yes | Denial of service | A security issue was found in curl versions 7.21.0 up to and including 7.73.0. libcurl offers a wildcard matching functionality, which allows a callback... |
| CVE-2020-8284 | Low | Yes | Information disclosure | A security issue was found in curl versions 4.0 up to and including 7.73.0. When curl performs a passive FTP transfer, it first tries the EPSV command and... |