curl: Inconsistent URL Parsing in curl Leading to Potential SSRF and Access Control Bypass
0x01 Summary An inconsistency in URL parsing within curl's URL handling leads to potential security risks such as Server-Side Request Forgery SSRF and access control bypasses. Specifically, when parsing URLs containing IPv6 addresses with zone identifiers e.g., http://fe80::1%25eth0/, curl's pars...