curl / Docs / Vulnerability table / 7.72.0 vulnerabilities

Vulnerabilities in curl 7.72.0

curl version 7.72.0 was released on August 19 2020. The following 3 security problems are known to exist in this version.

FlawFrom versionTo and includingCVECWE
Inferior OCSP verification7.41.07.73.0CVE-2020-8286CWE-299: Improper Check for Certificate Revocation
FTP wildcard stack overflow7.21.07.73.0CVE-2020-8285CWE-674: Uncontrolled Recursion
trusting FTP PASV responses4.07.73.0CVE-2020-8284CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Changelog for curl 7.72.0

See vulnerability summary for the previous release: 7.71.1 or the subsequent release: 7.73.0