The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 9.8 | Critical | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Product | Vendor | Version |
|---|---|---|
| curl and libcurl before 7.57.0 | n/a | n/a |
| curl and libcurl before 7.57.0 | n/a | n/a |