suse · CVE-2017-8817

Quick triage

Priority: medium Published: 2021-05-30 13:56:21 UTC Updated: 2026-04-17 16:10:16 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-8817 severity moderate: SUSE including 319 source package names (0.9.1:libcurl4-7.37.0-37.11.3, 1.0.0:libcurl4-7.37.0-37.11.3, …), 423 product×package rows across 82 product lines (Container caasp/v4/default-http-backend, Container caasp/v4/dnsmasq-nanny, … (82 product lines)): Fixed 199, Known Affected 157, Known Not Affected 67.

Description:

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

cvelogic Threat Intelligence