curl 安全漏洞

curl is a tool for transferring data from or to a server. A security vulnerability exists in curl versions 7.82.0 through 7.83.0, which stems from the fact that curl's HSTS checks can be bypassed, allowing it to continue using the HTTP protocol...

AZL-6368 CVE-2021-22945 affecting package curl for versions less than 7.82.0-1

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...