6 matches found
BSA-2017-216
Security Advisory ID : BSA-2017-216 Component : libcurl Revision : 1.0: Interim curl andlibcurlbefore 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loade...
Authentication flaw
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has...
CVE-2016-7141
CVE-2016-7141 affects curl/libcurl up to version 7.50.1 (before 7.50.2) when built with NSS and the libnsspem.so runtime library is available. The root issue is TLS client certificate reuse: a previously loaded client certificate from file could be reused for a new TLS connection that has no cert...
CVE-2016-7141
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has...
CVE-2016-7141
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has...
CVE-2016-7141
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has...