ROS-20230407-21

A vulnerability in the libcurl library is related to an authentication bypass, in which libcurl reuses a a previously established SSH connection, even though the SSH parameter has been changed, which should have prevent reuse. Exploitation of the vulnerability could allow an attacker acting...

ALPINE-CVE-2023-27538

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...

libcurl 授权问题漏洞

libcurl is a tool for transferring data from or to a server. An authorization issue vulnerability exists in libcurl version v8.0.0, which stems from the ability to reuse a previously established SSH connection and an authentication bypass vulnerability...

TLS and SSH connection too eager reuse

libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several TLS and...