0.001 Low
EPSS
Percentile
42.9%
Issue(s) reported by Trail of Bits. This is either one or two issues.
./src/curl 0 -x0:80 telnet:/[j-u][j-u]//0 -m 01
./src/curl 0 -x0:80 smb:/[j-u][j-u]//0 -m 01
Both command line ends up having libcurl access and use already freed heap-memory. For read and write.
See above, run with valgrind for full report.
I have a local HTTP server on localhost host port 80 that will send back a 502 on the CONNECT requests curl issues to it for these protocols.
See logs.
Use after free stuff.
0.001 Low
EPSS
Percentile
42.9%