libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
haxx curl |
||
debian debian linux 10.0 |
||
debian debian linux 11.0 |
||
netapp hci_bootstrap_os - |
||
netapp clustered data ontap - |
||
netapp solidfire \\& hci management node - |
||
netapp hci compute node - |
||
netapp solidfire\\, enterprise sds \\& hci storage node - |
||
netapp h300s_firmware - |
||
netapp h500s_firmware - |
||
netapp h700s_firmware - |
||
netapp h410s_firmware - |
||
splunk universal forwarder 9.1.0 |
||
splunk universal forwarder |