Medium: curl

Issue Overview: No QUIC certificate pinning with GnuTLS NOTE: https://curl.se/docs/CVE-2025-13034.html NOTE: Introduced with: https://github.com/curl/curl/commit/3210101088dfa3d6a125d213226b092f2f866722 curl-880 NOTE: Fixed by:...

SUSE-SU-2026:20358-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105...

broken TLS options for threaded LDAPS

...

CVE-2025-14017

When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...

curl 安全漏洞

curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl that stems from a global change to the TLS option in multi-threaded LDAPS transfers, which could cause certificate validation to be accidentally disabled...

DEBIAN-CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

foreman: lack of SSL certificate validation when performing LDAPS authentication

It was found that when making an SSL connection to an LDAP authentication source in Foreman, the remote server certificate was accepted without any verification against known certificate authorities, potentially making TLS connections vulnerable to man-in-the-middle attacks...

foreman: lack of SSL certificate validation when performing LDAPS authentication

It was found that when making an SSL connection to an LDAP authentication source in Foreman, the remote server certificate was accepted without any verification against known certificate authorities, potentially making TLS connections vulnerable to man-in-the-middle attacks...

CVE-2011-2014

The LDAP over SSL aka LDAPS implementation in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7...

PT-2011-3552 · Microsoft · Windows Xp +7

Name of the Vulnerable Software and Affected Versions: Active Directory versions prior to the fixed version Active Directory Application Mode ADAM versions prior to the fixed version Active Directory Lightweight Directory Service AD LDS versions prior to the fixed version Microsoft Windows XP...

PT-2005-3992 · Microsoft · Windows 2000

Name of the Vulnerable Software and Affected Versions: Microsoft Windows 2000 versions prior to Update Rollup 1 for SP4 Description: The issue concerns the LDAP client accepting certificates using LDAPS even when the Certificate Authority CA is not trusted. This could allow attackers to trick use...