CVE-2013-6422 in cURL정보

요약

\~에 의해 MITRE

The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

출처

Do you need the next level of professionalism?

Upgrade your account now!