2 matches found
curl 安全漏洞
curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl that stems from the CURLOPTPINNEDPUBLICKEY option that skips public key checking under certain conditions, which could lead to connection forgery...
SUSE CVE-2010-1633
RSA verification recovery in the EVPPKEYverifyrecover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive...