CNNVD-202601-1547 Information

CNNVD ID

CNNVD-202601-1547

Related CVE

CVE-2025-14017

• CNNVD Published: 2026-01-08

Description (Chinese)

curl是cURL开源的一款用于从服务器传输数据或向服务器传输数据的工具。 curl存在安全漏洞，该漏洞源于多线程LDAPS传输中TLS选项全局更改，可能导致证书验证意外禁用。

Description (English)

Curl is a tool for the transfer of data from or to the server of the curL open source. There is a security loophole in Curl, which stems from a global change of the TLS option in the multi-wire LDAPS transfer, which could lead to an accidental disablement of the certificate.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

cURL

Published

2026-01-08

Last Modified

2026-02-24

References

https://curl.se/docs/CVE-2025-14017.html https://curl.se/docs/CVE-2025-14017.json http://www.openwall.com/lists/oss-security/2026/01/07/3

Patch

https://github.com/curl/curl/releases