Debian 7 Updates: curl libcurl3, scheduled 1 year ago
Package : curl
Version : 7.26.0-1+wheezy23
CVE ID : CVE-2017-8817
Fuzzing by the OSS-Fuzz project led to the discovery of a read out of
bounds flaw in the FTP wildcard function in libcurl. A malicious
server could redirect a libcurl-based client to an URL using a
wildcard pattern, triggering the out-of-bound read.