curl / Docs / Vulnerability table / 7.72.0 vulnerabilities

Vulnerabilities in curl 7.72.0

curl version 7.72.0 was released on August 19 2020. The following 3 security problems are known to exist in this version.

FlawFrom versionTo and includingCVECWE
Inferior OCSP verification7. Improper Check for Certificate Revocation
FTP wildcard stack overflow7. Uncontrolled Recursion
trusting FTP PASV responses4.07.73.0CVE-2020-8284CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Changelog for curl 7.72.0

See vulnerability summary for the previous release: 7.71.1 or the subsequent release: 7.73.0