CVE-2020-8284

OpenSSL and cURL packages within CloudLinux 6 Extended Lifecycle Support with a fix for the CVE-2020-1971 and the CVE-2020-8284 have been rolled out to 100%

NEW: CVE-2020-8284 A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information ... (click for more) Severity: LOW https://t.co/k20fYzqadl?amp=1

Security Bulletin: IBM MQ is affected by a vulnerability within libcurl (CVE-2020-8284)

New post from https://t.co/9KYxtdZjkl?amp=1 (CVE-2020-8284 (curl, fedora)) has been published on https://t.co/Vwf8hjMPqj?amp=1

cURL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-8284 has been rolled out to 100%

New post from https://t.co/uXvPWJy6tj?amp=1 (cURL vulnerability CVE-2020-8284) has been published on https://t.co/IQPcRLy5Yb?amp=1

New post from https://t.co/9KYxtdZjkl?amp=1 (CVE-2020-8284 (curl, debian_linux, fedora)) has been published on https://t.co/6ioaGObYXX?amp=1

threatintelctr

NEW: CVE-2020-8284 A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information ... (click for more) Severity: LOW https://t.co/k20fYzqadl

threatintelctr

NEW: CVE-2021-40491 The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl. Severity: MEDIUM https://t.co/F6ytkYyJWm

threatintelctr

NEW: CVE-2021-40491 The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl. Severity: MEDIUM https://t.co/F6ytkYgAIe