CVE-2018-1000120: curl: FTP path trickery leads to NIL byte out of bounds write

Severity: Critical

CVSS Score: 9.8

A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.