CVE-2018-1000120
CRITICALcurl <7.58.0 - Buffer Overflow
Title source: llmDescription
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
References (18)
Scores
CVSS v3
9.8
EPSS
0.0189
EPSS Percentile
82.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-787
Status
published
Affected Products (18)
debian/debian_linux
debian/debian_linux
debian/debian_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
haxx/curl
< 7.58.0
redhat/enterprise_linux_desktop
redhat/enterprise_linux_server
redhat/enterprise_linux_workstation
oracle/communications_webrtc_session_controller
< 7.2
oracle/enterprise_manager_ops_center
oracle/enterprise_manager_ops_center
oracle/peoplesoft_enterprise_peopletools
... and 3 more
Timeline
Published
Mar 14, 2018
Tracked Since
Feb 18, 2026