medium severity
Do your applications use this vulnerable package?
Test your applications
Overview
Affected versions of this package are vulnerable to ALAS2-2020-1451. Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2020-8177: No description is available for this CVE. 1847915: CVE-2020-8177 curl: command line arguments lead to local file overwrite
Remediation
Upgrade curl to version or higher.
References
- CVE
- ALAS2-2020-1451
- Snyk ID
- SNYK-AMZN2-CURL-585084
- Published
- 16 Jul, 2020