libcurl.so is vulnerable to information disclosures. When running with the --write-out
command, the application skips the end of the string zero byte if the string ends with %
or \\\\
, causing the application to read out of the buffer and disclose sensitive information.