{"api_version":"1","generated_at":"2026-04-22T22:48:01+00:00","cve":"CVE-2020-8285","urls":{"html":"https://cve.report/CVE-2020-8285","api":"https://cve.report/api/cve/CVE-2020-8285.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-8285","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-8285"},"summary":{"title":"CVE-2020-8285","description":"curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.","state":"PUBLISHED","assigner":"hackerone","published_at":"2020-12-14 20:15:13","updated_at":"2026-04-16 15:16:43"},"problem_types":["CWE-674","CWE-787","CWE-674 Uncontrolled Recursion (CWE-674)"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"https://security.netapp.com/advisory/ntap-20210122-0007/","name":"https://security.netapp.com/advisory/ntap-20210122-0007/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"December 2020 cURL/libcURL Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","name":"https://www.oracle.com/security-alerts/cpuapr2022.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"],"title":"Oracle Critical Patch Update Advisory - April 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://hackerone.com/reports/1045844","name":"https://hackerone.com/reports/1045844","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"],"title":"HackerOne","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","name":"https://www.oracle.com//security-alerts/cpujul2021.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"],"title":"Oracle Critical Patch Update Advisory - July 2021","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] Fedora 33 Update: curl-7.71.1-8.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html","name":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] [DLA 2500-1] curl security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202012-14","name":"https://security.gentoo.org/glsa/202012-14","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"cURL: Multiple vulnerabilities (GLSA 202012-14) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT212326","name":"https://support.apple.com/kb/HT212326","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About the security content of Security Update 2021-002 Catalina - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","name":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","name":"https://www.oracle.com/security-alerts/cpujan2022.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"],"title":"Oracle Critical Patch Update Advisory - January 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html","name":"https://www.oracle.com/security-alerts/cpuApr2021.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"],"title":"Oracle Critical Patch Update Advisory - April 2021","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT212325","name":"https://support.apple.com/kb/HT212325","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About the security content of macOS Big Sur 11.3 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT212327","name":"https://support.apple.com/kb/HT212327","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About the security content of Security Update 2021-003 Mojave - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] Fedora 32 Update: curl-7.69.1-7.fc32 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2021/Apr/51","name":"http://seclists.org/fulldisclosure/2021/Apr/51","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"Full Disclosure: APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","name":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2021/dsa-4881","name":"https://www.debian.org/security/2021/dsa-4881","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-4881-1 curl","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://curl.se/docs/CVE-2020-8285.html","name":"https://curl.se/docs/CVE-2020-8285.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"curl - FTP wildcard stack overflow - CVE-2020-8285","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/curl/curl/issues/6255","name":"https://github.com/curl/curl/issues/6255","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"],"title":"Stack overflow in libcurl when CURLOPT_WILDCARDMATCH is in use · Issue #6255 · curl/curl · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","name":"FEDORA:FEDORA-2020-7ab62c73bc","refsource":"MITRE","tags":[],"title":"[SECURITY] Fedora 32 Update: curl-7.69.1-7.fc32 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","name":"FEDORA:FEDORA-2020-ceaf490686","refsource":"MITRE","tags":[],"title":"[SECURITY] Fedora 33 Update: curl-7.71.1-8.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E","name":"MLIST:[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8","refsource":"MITRE","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E","name":"MLIST:[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8","refsource":"MITRE","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-8285","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8285","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"https://github.com/curl/curl","version":"affected libcurl 7.21.0 to and including 7.73.0","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"32","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"haxx","cpe5":"libcurl","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"clustered_data_ontap","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"hci_bootstrap_os","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"hci_compute_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"hci_management_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"hci_storage_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"hci_storage_node_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"8285","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"solidfire","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-8285","qid":"12304","title":"McAfee Web Gateway Product Multiple Vulnerabilities (WP-2326,WP-3443)"},{"cve":"CVE-2020-8285","qid":"159196","title":"Oracle Enterprise Linux Security Update for curl (ELSA-2021-1610)"},{"cve":"CVE-2020-8285","qid":"178522","title":"Debian Security Update for curl (DSA 4881-1)"},{"cve":"CVE-2020-8285","qid":"239328","title":"Red Hat Update for curl (RHSA-2021:1610)"},{"cve":"CVE-2020-8285","qid":"239451","title":"Red Hat Update for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 (RHSA-2021:2472)"},{"cve":"CVE-2020-8285","qid":"296067","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 33.94.0 Missing (CPUAPR2021)"},{"cve":"CVE-2020-8285","qid":"352506","title":"Amazon Linux Security Advisory for curl: ALAS2-2021-1693"},{"cve":"CVE-2020-8285","qid":"375503","title":"Apple MacOS Big Sur 11.3 Not Installed (HT212325)"},{"cve":"CVE-2020-8285","qid":"375507","title":"Apple macOS Security Update 2021-002 Catalina (HT212326)"},{"cve":"CVE-2020-8285","qid":"375510","title":"Apple macOS Security Update 2021-003 Mojave (HT212327)"},{"cve":"CVE-2020-8285","qid":"377396","title":"Alibaba Cloud Linux Security Update for curl (ALINUX3-SA-2021:0078)"},{"cve":"CVE-2020-8285","qid":"378599","title":"Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)"},{"cve":"CVE-2020-8285","qid":"378883","title":"Splunk Enterprise August Third Party Package Updates (SVD-2023-0808)"},{"cve":"CVE-2020-8285","qid":"44183","title":"Juniper Network Operating System (Junos OS) Multiple Security Vulnerabilites (JSA79108)"},{"cve":"CVE-2020-8285","qid":"500132","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2020-8285","qid":"501396","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2020-8285","qid":"503888","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2020-8285","qid":"591406","title":"Siemens SIMATIC S7-1500 CPU GNU/Linux subsystem Multiple Vulnerabilities (SSB-439005, ICSA-22-104-13)"},{"cve":"CVE-2020-8285","qid":"670172","title":"EulerOS Security Update for curl (EulerOS-SA-2021-1672)"},{"cve":"CVE-2020-8285","qid":"670912","title":"EulerOS Security Update for curl (EulerOS-SA-2021-1287)"},{"cve":"CVE-2020-8285","qid":"690348","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for curl (3c77f139-3a09-11eb-929d-d4c9ef517024)"},{"cve":"CVE-2020-8285","qid":"750055","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2021:1786-1)"},{"cve":"CVE-2020-8285","qid":"750490","title":"OpenSUSE Security Update for curl (openSUSE-SU-2020:2249-1)"},{"cve":"CVE-2020-8285","qid":"750492","title":"OpenSUSE Security Update for curl (openSUSE-SU-2020:2238-1)"},{"cve":"CVE-2020-8285","qid":"900155","title":"CBL-Mariner Linux Security Update for curl 7.68.0"},{"cve":"CVE-2020-8285","qid":"903147","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (3665)"},{"cve":"CVE-2020-8285","qid":"940000","title":"AlmaLinux Security Update for curl (ALSA-2021:1610)"},{"cve":"CVE-2020-8285","qid":"960740","title":"Rocky Linux Security Update for curl (RLSA-2021:1610)"}]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-04T09:56:28.307Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://hackerone.com/reports/1045844"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/curl/curl/issues/6255"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://curl.se/docs/CVE-2020-8285.html"},{"name":"FEDORA-2020-ceaf490686","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"name":"[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"name":"FEDORA-2020-7ab62c73bc","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"name":"GLSA-202012-14","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"https://security.gentoo.org/glsa/202012-14"},{"name":"DSA-4881","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2021/dsa-4881"},{"name":"20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2021/Apr/51"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://support.apple.com/kb/HT212325"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://support.apple.com/kb/HT212326"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://support.apple.com/kb/HT212327"},{"name":"[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"name":"[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}],"title":"CVE Program Container"},{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2020-8285","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-04-16T14:06:58.616126Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-16T14:07:21.315Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"https://github.com/curl/curl","vendor":"n/a","versions":[{"status":"affected","version":"libcurl 7.21.0 to and including 7.73.0"}]}],"descriptions":[{"lang":"en","value":"curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-674","description":"Uncontrolled Recursion (CWE-674)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-04-19T23:23:28.000Z","orgId":"36234546-b8fa-4601-9d6f-f4e334aa8ea1","shortName":"hackerone"},"references":[{"tags":["x_refsource_MISC"],"url":"https://hackerone.com/reports/1045844"},{"tags":["x_refsource_MISC"],"url":"https://github.com/curl/curl/issues/6255"},{"tags":["x_refsource_MISC"],"url":"https://curl.se/docs/CVE-2020-8285.html"},{"name":"FEDORA-2020-ceaf490686","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"name":"[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"name":"FEDORA-2020-7ab62c73bc","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"name":"GLSA-202012-14","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"https://security.gentoo.org/glsa/202012-14"},{"name":"DSA-4881","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2021/dsa-4881"},{"name":"20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2021/Apr/51"},{"tags":["x_refsource_MISC"],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"tags":["x_refsource_CONFIRM"],"url":"https://support.apple.com/kb/HT212325"},{"tags":["x_refsource_CONFIRM"],"url":"https://support.apple.com/kb/HT212326"},{"tags":["x_refsource_CONFIRM"],"url":"https://support.apple.com/kb/HT212327"},{"name":"[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"name":"[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"tags":["x_refsource_MISC"],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"tags":["x_refsource_MISC"],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"tags":["x_refsource_MISC"],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"support@hackerone.com","ID":"CVE-2020-8285","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"https://github.com/curl/curl","version":{"version_data":[{"version_value":"libcurl 7.21.0 to and including 7.73.0"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Uncontrolled Recursion (CWE-674)"}]}]},"references":{"reference_data":[{"name":"https://hackerone.com/reports/1045844","refsource":"MISC","url":"https://hackerone.com/reports/1045844"},{"name":"https://github.com/curl/curl/issues/6255","refsource":"MISC","url":"https://github.com/curl/curl/issues/6255"},{"name":"https://curl.se/docs/CVE-2020-8285.html","refsource":"MISC","url":"https://curl.se/docs/CVE-2020-8285.html"},{"name":"FEDORA-2020-ceaf490686","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"name":"[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"name":"FEDORA-2020-7ab62c73bc","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"name":"GLSA-202012-14","refsource":"GENTOO","url":"https://security.gentoo.org/glsa/202012-14"},{"name":"DSA-4881","refsource":"DEBIAN","url":"https://www.debian.org/security/2021/dsa-4881"},{"name":"20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2021/Apr/51"},{"name":"https://www.oracle.com/security-alerts/cpuApr2021.html","refsource":"MISC","url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"name":"https://security.netapp.com/advisory/ntap-20210122-0007/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"name":"https://support.apple.com/kb/HT212325","refsource":"CONFIRM","url":"https://support.apple.com/kb/HT212325"},{"name":"https://support.apple.com/kb/HT212326","refsource":"CONFIRM","url":"https://support.apple.com/kb/HT212326"},{"name":"https://support.apple.com/kb/HT212327","refsource":"CONFIRM","url":"https://support.apple.com/kb/HT212327"},{"name":"[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8","refsource":"MLIST","url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"},{"name":"[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"},{"name":"https://www.oracle.com//security-alerts/cpujul2021.html","refsource":"MISC","url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"name":"https://www.oracle.com/security-alerts/cpujan2022.html","refsource":"MISC","url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"name":"https://www.oracle.com/security-alerts/cpuapr2022.html","refsource":"MISC","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"name":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","refsource":"CONFIRM","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}]}}}},"cveMetadata":{"assignerOrgId":"36234546-b8fa-4601-9d6f-f4e334aa8ea1","assignerShortName":"hackerone","cveId":"CVE-2020-8285","datePublished":"2020-12-14T19:39:04.000Z","dateReserved":"2020-01-28T00:00:00.000Z","dateUpdated":"2026-04-16T14:07:21.315Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2020-12-14 20:15:13","lastModifiedDate":"2026-04-16 15:16:43","problem_types":["CWE-674","CWE-787","CWE-674 Uncontrolled Recursion (CWE-674)"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","versionStartIncluding":"7.21.0","versionEndExcluding":"7.74.0","matchCriteriaId":"61666FBE-C3B7-4449-89C3-07288182D638"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","matchCriteriaId":"36D96259-24BD-44E2-96D9-78CE1D41F956"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","matchCriteriaId":"E460AA51-FCDA-46B9-AE97-E6676AA5E194"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","matchCriteriaId":"1FE996B1-6951-4F85-AA58-B99A379D2163"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*","matchCriteriaId":"A3C19813-E823-456A-B1CE-EC0684CE1953"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*","matchCriteriaId":"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*","matchCriteriaId":"1C767AA1-88B7-48F0-9F31-A89D16DCD52C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*","matchCriteriaId":"AD7447BC-F315-4298-A822-549942FC118B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:hci_storage_node_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4BC4299D-05D3-4875-BC79-C3DC02C88ECE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*","matchCriteriaId":"02DEB4FB-A21D-4CB1-B522-EEE5093E8521"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","versionEndExcluding":"10.14.6","matchCriteriaId":"B0E97851-4DFF-4852-A339-183331F4ACBC"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","versionStartIncluding":"10.15","versionEndExcluding":"10.15.7","matchCriteriaId":"DB8A73F8-3074-4B32-B9F6-343B6B1988C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*","matchCriteriaId":"693E7DAE-BBF0-4D48-9F8A-20DDBD4AAC0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*","matchCriteriaId":"CFE26ECC-A2C2-4501-9950-510DE0E1BD86"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*","matchCriteriaId":"26108BEF-0847-4AB0-BD98-35344DFA7835"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*","matchCriteriaId":"0FD3467D-7679-479F-9C0B-A93F7CD0929D"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*","matchCriteriaId":"D4C6098E-EDBD-4A85-8282-B2E9D9333872"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*","matchCriteriaId":"518BB47B-DD76-4E8C-9F10-7EBC1E146191"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*","matchCriteriaId":"63940A55-D851-46EB-9668-D82BEFC1FE95"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*","matchCriteriaId":"68C7A97A-3801-44FA-96CA-10298FA39883"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*","matchCriteriaId":"6D69914D-46C7-4A0E-A075-C863C1692D33"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*","matchCriteriaId":"9CDB4476-B521-43E4-A129-8718A8E0A8CD"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*","matchCriteriaId":"9D072B77-BE3F-4A2E-B66A-E2C8DC3781E4"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*","matchCriteriaId":"A654B8A2-FC30-4171-B0BB-366CD7ED4B6A"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*","matchCriteriaId":"F1F4BF7F-90D4-4668-B4E6-B06F4070F448"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*","matchCriteriaId":"0F441A43-1669-478D-9EC8-E96882DE4F9F"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*","matchCriteriaId":"C1C795B9-E58D-467C-83A8-2D45C792292F"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.3","matchCriteriaId":"4E699CCC-31F5-458E-A59C-79B3AF143747"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*","matchCriteriaId":"E39D442D-1997-49AF-8B02-5640BE2A26CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*","matchCriteriaId":"4479F76A-4B67-41CC-98C7-C76B81050F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*","matchCriteriaId":"394A16F2-CCD4-44E5-BF6B-E0C782A9FA38"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*","matchCriteriaId":"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp2410","matchCriteriaId":"5E63B7B2-409A-476E-BA12-2A2D2F3B85DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*","matchCriteriaId":"983D27DE-BC89-454E-AE47-95A26A3651E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp2410","matchCriteriaId":"ADB5D4C9-DA14-4188-9181-17336F9445F6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*","matchCriteriaId":"5825AEE1-B668-40BD-86A9-2799430C742C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp2410","matchCriteriaId":"0B65E2F3-57EC-46C0-BB4A-0A0F3F8D387E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*","matchCriteriaId":"3DA2D526-BDCF-4A65-914A-B3BA3A0CD613"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp2410","matchCriteriaId":"90B7CFBF-761C-4EAA-A322-EF5E294AADED"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*","matchCriteriaId":"EE0CF40B-E5BD-4558-9321-184D58EF621D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp2410","matchCriteriaId":"48B28ABF-7E1A-4A1E-8F78-0D95D7BDF886"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*","matchCriteriaId":"0F3C9C09-7B2B-4DB6-8BE0-35302ED35776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp2410","matchCriteriaId":"E74AAF52-1388-4BD9-B17B-3A6A32CA3608"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*","matchCriteriaId":"95503CE5-1D06-4092-A60D-D310AADCAFB1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp3110","matchCriteriaId":"A107698C-9C63-44A9-8A2B-81EDD5702B4C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*","matchCriteriaId":"983D27DE-BC89-454E-AE47-95A26A3651E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp3110","matchCriteriaId":"0FC0460E-4695-44FB-99EE-28B2C957B760"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*","matchCriteriaId":"5825AEE1-B668-40BD-86A9-2799430C742C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp3110","matchCriteriaId":"BD54A092-85A7-4459-9C69-19E6E24AC24B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*","matchCriteriaId":"3DA2D526-BDCF-4A65-914A-B3BA3A0CD613"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp3110","matchCriteriaId":"5F813DBC-BA1E-4C73-AA11-1BD3F9508372"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*","matchCriteriaId":"EE0CF40B-E5BD-4558-9321-184D58EF621D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp3110","matchCriteriaId":"EFDF4F39-1C6C-4AD3-99CF-BD5B44B8C71B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*","matchCriteriaId":"0F3C9C09-7B2B-4DB6-8BE0-35302ED35776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"xcp3110","matchCriteriaId":"416B805F-799A-4466-AC5A-93D083A2ABBD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*","matchCriteriaId":"95503CE5-1D06-4092-A60D-D310AADCAFB1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.1.1","matchCriteriaId":"B0F46497-4AB0-49A7-9453-CC26837BF253"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.12","matchCriteriaId":"5722E753-75DE-4944-A11B-556CB299B57D"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.6","matchCriteriaId":"DC0F9351-81A4-4FEA-B6B5-6E960A933D32"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*","matchCriteriaId":"EED24E67-2957-4C1B-8FEA-E2D2FE7B97FC"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"8285","Ordinal":"1","Title":"CVE-2020-8285","CVE":"CVE-2020-8285","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"8285","Ordinal":"1","NoteData":"curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.","Type":"Description","Title":"CVE-2020-8285"},{"CveYear":"2020","CveId":"8285","Ordinal":"2","NoteData":"2020-12-14","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"8285","Ordinal":"3","NoteData":"2022-02-07","Type":"Other","Title":"Modified"}]}}}