Description |
+ |
flaws in libcurl's connection pool could lead to exposure of sensitive information to an unauthorized actor |
- |
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. |
- |
|
- |
Due to errors in the logic, the config matching function did not take the IPv6 address zone id into account which could lead to libcurl reusing the wrong connection when one transfer uses a zone id and a subsequent transfer uses another (or no) zone id. |
|