3 matches found
EulerOS 2.0 SP12 : curl (EulerOS-SA-2026-1386)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally an...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. CVE-2025-14819: libssh global knownhost override bsc1255732. CVE-2025-15079: libssh key passphrase bypa...
CVE-2025-14017
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...