2 matches found
CVE-2021-22897
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPTSSLCIPHERLIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising...
GLSA-201807-04 : cURL: Heap-based buffer overflow
The remote host is affected by the vulnerability described in GLSA-201807-04 cURL: Heap-based buffer overflow A heap-based buffer overflow was discovered in cURLs Curlsmtpescapeeob function. Impact : An attacker could cause a Denial of Service condition or execute arbitrary code via SMTP...