5 matches found
curl: more POST-after-PUT confusion
A use-after-free flaw was found in the Curl package. This issue may lead to unintended information disclosure by the application...
curl: cookie injection with none file
A flaw was found in the Curl package. This flaw allows an attacker to insert cookies into a running program using libcurl if the specific series of conditions are met...
curl: GSS delegation too eager connection re-use
A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, the GSS delegation setting was left out from the configuration match checks, making them match too easily, affecting...
curl: GSS delegation too eager connection re-use
A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, the GSS delegation setting was left out from the configuration match checks, making them match too easily, affecting...
curl: HTTP multi-header compression denial of service
A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors...