VDB
CVE-2020-8284
CVE-2020-8284
PUBLISHED
EPSS 0.08% · 24.3th percentile
Risk Scores
EPSS Score
0.08%
24.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | curl |
Exploit Intelligence
- https://hackerone.com/reports/1040166 (nist-nvd)
- CVE-2020-8284: trusting FTP PASV responses (hackerone)
- CVE-2020-8284: trusting FTP PASV responses (hackerone)
- CVE-2020-8284: trusting FTP PASV responses (hackerone)
- lib/net/ftp.rb: trusting PASV responses allow client abuse (hackerone)
- lib/net/ftp.rb: trusting PASV responses allow client abuse (hackerone)
- lib/net/ftp.rb: trusting PASV responses allow client abuse (hackerone)
- FTP entrypath accepts 0xFF (Telnet IAC) through incomplete ISCNTRL filter, sent on wire via CWD on connection reuse (hackerone)
- [High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `--output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory) (hackerone)
- [High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `--output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory) (hackerone)
…and 22 more exploits
Timeline
- CVE Published
- Feb 9, 2021 PoC Published
- Apr 14, 2021 EPSS Score
- May 7, 2021 EPSS Score
- Jul 8, 2021 PoC Published
- Aug 24, 2021 EPSS Score
- Sep 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
References
- ALAS2-2021-1693: curl (medium) advisory