0.004 Low
EPSS
Percentile
72.1%
libcurl.so is vulnerable to TLS session resumption client certificate bypass attacks. The vulnerability exists in Curl_clone_ssl_config
of lib/vtls/vtls.c
where libcurl.so does not prevent the TLS session resumption if the client certificate has been replaced.
CPE | Name | Operator | Version |
---|---|---|---|
libcurl.so | le | 4.3.0 |
0.004 Low
EPSS
Percentile
72.1%