curl is vulnerable to Information Disclosure. curls HSTS support allows the use of HTTPS instead of HTTP but the HSTS could fail when used subsequently on the same command line leading to Cleartext Transmission which allows an attacker to gain access to sensitive information.
hackerone.com/reports/1826048
hackerone.com/reports/1874716
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.14/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
security.gentoo.org/glsa/202310-12
security.netapp.com/advisory/ntap-20230309-0006/