Description
curl: Use-after-free in TLS session handling when using OpenSSL TLS backend.
httpd: NULL pointer dereference on specially crafted HTTP/2 request.
libcurl: partial password leak over DNS on HTTP redirect.
curl: FTP PASV command response can cause curl to connect to arbitrary host.
curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used.
curl: Inferior OCSP verification.
curl: Leak of authentication credentials in URL via automatic Referer.
curl: TLS 1.3 session ticket mix-up with HTTPS proxy host.