3 matches found
CLSA-2026-1776847322 curl: Fix of 3 CVEs
CVE-2022-27781: add limit of certificates which can be traversed breaking infinite loop in NSS cert verification - CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27534: fix SFTP path '' resolving discrepancy...
curl: TELNET option IAC injection
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
CLSA-2023-1681491543 curl: Fix of 3 CVEs
CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27535: fix behavior when FTP too eager connection reuse - CVE-2023-27536: do not reuse connections with different GSS delegations...