VDB

GCVE-110-MAGEIA-2020-282

GCVE-110-MAGEIA-2020-282
Advisory Published
Vulnetix · Advisory published July 5, 2020
Updated curl packages fix security vulnerabilities: libcurl can be tricked to prepend a part of the password to the host name before it resolves it, potentially leaking the partial password over the network and to the DNS server(s) (CVE-2020-8169). curl can be tricked by a malicious server to overwrite a local file when using -J (--remote-header-name) and -i (--include) in the same command line (CVE-2020-8177). The curl package has been updated to version 7.71.0, fixing these issues and other bugs.

Affected Products

VendorProductVersionsPlatforms
Mageiacurl0 (affected), 7.71.0-1.mga7 (unaffected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›