Searching
..

Click anywhere to stop

KLA10815
Security bypass vulnerability in cURL

Updated: 01/22/2024
Detect date
?
05/18/2016
Severity
?
Warning
Description

An improper TLS connections handling was found in cURL. By exploiting this vulnerability malicious users can bypass sec. This vulnerability can be exploited remotely via TLS certificate manipulations.


Technical details

Libcurl affected only if mbedTLS or PolarSSL as TLS backend.

Affected products

cURL and libcurl versions earlier than 7.49.0

Solution

Update to the latest version
cURL download page

Original advisories

Vendor advisory

Impacts
?
SB 
[?]

SUI 
[?]
Related products
cURL
CVE-IDS
?
CVE-2016-37392.6Warning
Find out the statistics of the vulnerabilities spreading in your region