Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2017-8817
Deferred
More InfoOfficial Page
Source-security@debian.org
View Known Exploited Vulnerability (KEV) details
Published At-29 Nov, 2017 | 18:29
Updated At-20 Apr, 2025 | 01:37

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
CURL
haxx
>>curl>>Versions from 7.21.0(inclusive) to 7.56.1(inclusive)
cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*
CURL
haxx
>>libcurl>>Versions between 7.21.0(exclusive) and 7.56.1(inclusive)
cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://security.cucumberlinux.com/security/details.php?id=162security@debian.org
Third Party Advisory
http://www.securityfocus.com/bid/102057security@debian.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039897security@debian.org
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:3558security@debian.org
N/A
https://curl.haxx.se/docs/adv_2017-ae72.htmlsecurity@debian.org
Mitigation
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00040.htmlsecurity@debian.org
N/A
https://security.gentoo.org/glsa/201712-04security@debian.org
N/A
https://www.debian.org/security/2017/dsa-4051security@debian.org
Third Party Advisory
http://security.cucumberlinux.com/security/details.php?id=162af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/102057af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039897af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:3558af854a3a-2127-422b-91ae-364da2661108
N/A
https://curl.haxx.se/docs/adv_2017-ae72.htmlaf854a3a-2127-422b-91ae-364da2661108
Mitigation
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00040.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://security.gentoo.org/glsa/201712-04af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.debian.org/security/2017/dsa-4051af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Change History
0Changes found
Details not found