发布时间: 2022年5月18日
修改时间: 2024年10月31日
This issue with curl occurs due to a logical bug where the configuration matching function does not take into account the IPv6 address zone id, which can cause curl to reuse the wrong connection when one transfer uses the zone id and subsequent transfers use another.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | Low |
| Attack Vector | Network | Network |
| CVSS评分 | 7.5 | 2.6 |
| Attack Complexity | Low | High |
| Privileges Required | None | Low |
| Scope | Unchanged | Unchanged |
| Integrity | None | None |
| User Interaction | None | Required |
| Availability | None | None |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2022-1530 | curl security update | 2022年5月18日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | curl | Fixed |
| KY3.4-5 | curl | Fixed |
| KY3.5.1 | curl | Fixed |
