Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2024/01/25 8:12 a.m.2 views

curl: FTP too eager connection reuse

A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The problematic...

5.9CVSS6.8AI score0.01607EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/05/16 10:16 a.m.6 views

curl: FTP too eager connection reuse

A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The problematic...

5.9CVSS6.8AI score0.01607EPSS
Exploits1References5
OSV
OSV
added 2023/03/31 11:5 a.m.4 views

OESA-2023-1195 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However,...

9.8CVSS8.9AI score0.02195EPSS
Exploits5References6
curl security advisories
curl security advisories
added 2023/03/20 8:0 a.m.8 views

FTP too eager connection reuse

libcurl would reuse a previously created FTP connection even when one or more options had been changed that could have made the effective user a different one, thus leading to doing the second transfer with the wrong credentials. libcurl keeps previously used connections in a connection pool for...

5.9CVSS6.6AI score0.01607EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder