What the vulnerability does

01Description

curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

Key dates

02Disclosure timeline

December 14, 2020 CVE published
April 15, 2026 Record updated