2 matches found
Astra Linux – Vulnerability in curl
There is a vulnerability in the handling of certificate validation in curl v8.1.0, particularly in how wildcard patterns are matched when listed as “Subject Alternative Name” in TLS server certificates. Curls can be modified to use its own name matching function for TLS, rather than the one...
PT-2023-3462 · Curl +11 · Curl +11
Name of the Vulnerable Software and Affected Versions: curl versions prior to 8.1.0 Description: The issue is related to improper certificate validation in the way curl supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. This could lead to...