CVE-2025-14819

Discovered by AISLEPUBLISHEDCWE-295 Improper Certificate Validation

Description

When doing TLS related transfers with reused easy or multi handles and altering the `CURLSSLOPT_NO_PARTIALCHAIN` option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcurl find and accept a trust chain that it otherwise would not.

CVSS Base Scores

CVSS v3.1(Primary)

5.3

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Version	Status
curl	curl	8.17.0	affected
curl	curl	8.16.0	—
curl	curl	8.15.0	—
curl	curl	8.14.1	—
curl	curl	8.14.0	—
curl	curl	8.13.0	—
curl	curl	8.12.1	—
curl	curl	8.12.0	—
curl	curl	8.11.1	—
curl	curl	8.11.0	—
curl	curl	8.10.1	—
curl	curl	8.10.0	—
curl	curl	8.9.1	—
curl	curl	8.9.0	—
curl	curl	8.8.0	—
curl	curl	8.7.1	—
curl	curl	8.7.0	—
curl	curl	8.6.0	—
curl	curl	8.5.0	—
curl	curl	8.4.0	—
curl	curl	8.3.0	—
curl	curl	8.2.1	—
curl	curl	8.2.0	—
curl	curl	8.1.2	—
curl	curl	8.1.1	—
curl	curl	8.1.0	—
curl	curl	8.0.1	—
curl	curl	8.0.0	—
curl	curl	7.88.1	—
curl	curl	7.88.0	—
curl	curl	7.87.0	—

Credits

Stanislav Fort (Aisle Research)(finder)
Daniel Stenberg(remediation developer)

Description

CVSS Base Scores

Affected Products

Credits

References