curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

Affected Software

CPE Name Name Version
haxx:libcurl haxx libcurl 7.74.0
debian:debian_linux debian debian linux 9.0
debian:debian_linux debian debian linux 10.0
fedoraproject:fedora fedoraproject fedora 32
fedoraproject:fedora fedoraproject fedora 33
netapp:clustered_data_ontap netapp clustered data ontap -
netapp:solidfire netapp solidfire -
netapp:hci_management_node netapp hci management node -
netapp:hci_bootstrap_os netapp hci bootstrap os -
netapp:hci_storage_node_firmware netapp hci storage node firmware -
apple:mac_os_x apple mac os x 10.14.6
apple:mac_os_x apple mac os x 10.15.7
apple:macos apple macos 11.3
oracle:peoplesoft_enterprise_peopletools oracle peoplesoft enterprise peopletools 8.58
oracle:communications_billing_and_revenue_management oracle communications billing and revenue management
oracle:essbase oracle essbase 21.2
oracle:communications_cloud_native_core_policy oracle communications cloud native core policy 1.14.0
fujitsu:m10-1_firmware fujitsu m10-1 firmware xcp2410
fujitsu:m10-4_firmware fujitsu m10-4 firmware xcp2410
fujitsu:m10-4s_firmware fujitsu m10-4s firmware xcp2410
fujitsu:m12-1_firmware fujitsu m12-1 firmware xcp2410
fujitsu:m12-2_firmware fujitsu m12-2 firmware xcp2410
fujitsu:m12-2s_firmware fujitsu m12-2s firmware xcp2410
fujitsu:m10-1_firmware fujitsu m10-1 firmware xcp3110
fujitsu:m10-4_firmware fujitsu m10-4 firmware xcp3110
fujitsu:m10-4s_firmware fujitsu m10-4s firmware xcp3110
fujitsu:m12-1_firmware fujitsu m12-1 firmware xcp3110
fujitsu:m12-2_firmware fujitsu m12-2 firmware xcp3110
fujitsu:m12-2s_firmware fujitsu m12-2s firmware xcp3110
siemens:sinec_infrastructure_network_services siemens sinec infrastructure network services