AVG-1337 log

Package curl
Status Fixed
Severity Medium
Type multiple issues
Affected 7.73.0-1
Fixed 7.74.0-1
Current 8.7.1-3 [core-testing]
8.6.0-4 [core]
Ticket None
Created Wed Dec 9 10:01:08 2020
Issue Severity Remote Type Description
CVE-2020-8286 Medium Yes Certificate verification bypass
A security issue was found in curl versions 7.41.0 up to and including 7.73.0. libcurl offers "OCSP stapling" via the CURLOPT_SSL_VERIFYSTATUS option. When...
CVE-2020-8285 Medium Yes Denial of service
A security issue was found in curl versions 7.21.0 up to and including 7.73.0. libcurl offers a wildcard matching functionality, which allows a callback...
CVE-2020-8284 Low Yes Information disclosure
A security issue was found in curl versions 4.0 up to and including 7.73.0. When curl performs a passive FTP transfer, it first tries the EPSV command and...