VYPR
Low severity3.7NVD Advisory· Published Dec 14, 2020· Updated Apr 16, 2026

CVE-2020-8284

CVE-2020-8284

Description

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

67

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.