ALPINE-CVE-2017-1000101

Advisory lineage Upstream: 1 Downstream: 0
Published: 05 Oct 2017, 01:29
Last modified:03 Dec 2025, 22:35

Vulnerability Summary

Overall Risk (default)
medium
26/100
CVSS Score
6.5 MEDIUM
3.0 (osv_alpine)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

05 Oct 2017, 01:29
Published
Vulnerability first disclosed
03 Dec 2025, 22:35
Last Modified
Vulnerability information updated

Description

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.

CVSS Metrics

  • v3.0MEDIUMScore: 6.5CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Systems

  • alpinecurl

    < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0 | < 7.55.0-r0

References (1)