Lucene search
K

9 matches found

OSV
OSV
added 2026/05/04 1:12 p.m.6 views

JLSEC-2026-429 When doing TLS related transfers with reused easy or multi handles and altering the ...

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

5.3CVSS6AI score0.00679EPSS
Exploits0References5
Snyk
Snyk
added 2026/01/08 10:45 a.m.4 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the handling of TLS transfers when reusing easy or multi handles and modifying the CURLSSLOPTNOPARTIALCHAIN option. An attacker can cause the application to accept an unintended trust chain by exploiti...

6.8CVSS5.8AI score0.00679EPSS
Exploits0References2
NVD
NVD
added 2026/01/08 10:15 a.m.6 views

CVE-2025-14819

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

5.3CVSS0.00679EPSS
Exploits0References3
OSV
OSV
added 2026/01/08 10:15 a.m.4 views

CVE-2025-14819

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

5.3CVSS5.5AI score0.00679EPSS
Exploits0References3
OSV
OSV
added 2026/01/08 10:15 a.m.4 views

ALPINE-CVE-2025-14819

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

5.3CVSS6.9AI score0.00679EPSS
Exploits0References1
CVE
CVE
added 2026/01/08 10:7 a.m.32 views

CVE-2025-14819

CVE-2025-14819 concerns libcurl. When performing TLS transfers with reused easy/multi handles and altering CURLSSLOPT_NO_PARTIALCHAIN, libcurl could reuse a CA store cached in memory where the partial-chain setting was reversed, causing it to accept a trust chain it would otherwise reject. This i...

5.3CVSS6AI score0.00679EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2026/01/06 7:0 a.m.1 views

CVE-2025-14819

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

5.3CVSS6.1AI score0.00679EPSS
Exploits0References3
OSV
OSV
added 2023/06/10 11:5 a.m.3 views

OESA-2023-1346 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback...

5.9CVSS6.5AI score0.02211EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2022/10/26 12:0 a.m.5 views

PT-2022-5975

Name of the Vulnerable Software and Affected Versions libcurl versions prior to 7.86.0 Description When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPT READFUNCTION to ask for data to send, even when the CURLOPT POSTFIELDS option has been set, if the same handle...

10CVSS6.8AI score0.78854EPSS
Exploits10References342
Rows per page
Query Builder