7 matches found
JLSEC-2025-28 libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if ...
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
CVE-2022-27775
A vulnerability was found in curl. This security flaw occurs due to errors in the logic where the config matching function did not take the IPv6 address zone id into account. This issue can lead to curl reusing the wrong connection when one transfer uses a zone id, and the subsequent transfer use...
EulerOS 2.0 SP8 : curl (EulerOS-SA-2021-2457)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.1.1 to and including 7.75.0 is vulnerable to an 'Exposure of Private Personal Information to an Unauthorized Actor' by leaking credentials ...
Bad connection reuse due to flawed path name checks
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take 'issuer cert' into account and it compared the involved paths case insensitively, which could...
CVE-2021-22924
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
UBUNTU-CVE-2021-22924
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
PT-2021-4598 · Libcurl +8 · Libcurl +8
Name of the Vulnerable Software and Affected Versions: libcurl affected versions not specified Description: The issue arises from errors in the logic of libcurl's config matching function, which does not account for the 'issuercert' and compares file paths case insensitively. This could lead to...