CVE

CVE-2016-5419 (debian_linux, libcurl)

CVE-2016-5419 (debian_linux, libcurl)

curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session.

Source: CVE-2016-5419 (debian_linux, libcurl)

Exit mobile version