OpenSSL partial chain store policy bypass_CVE-2025-14819

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Description

When doing TLS related transfers with reused easy or multi handles and
altering the `CURLSSLOPT_NO_PARTIALCHAIN` option, libcurl could accidentally
reuse a CA store cached in memory for which the partial chain option was
reversed. Contrary to the user's wishes and expectations. This could make
libcurl find and accept a trust chain that it otherwise would not.

Basic Information

ID CVE-2025-14819

Source curl

Published Jan 8, 2026 at 10:07

Modified Jan 8, 2026 at 15:02

Affected Product

Vendor curl

Product curl

Version 8.17.0

Affected Versions curl curl 8.17.0
curl curl 8.16.0
curl curl 8.15.0
curl curl 8.14.1
curl curl 8.14.0
curl curl 8.13.0
curl curl 8.12.1
curl curl 8.12.0
curl curl 8.11.1
curl curl 8.11.0
curl curl 8.10.1
curl curl 8.10.0
curl curl 8.9.1
curl curl 8.9.0
curl curl 8.8.0
curl curl 8.7.1
curl curl 8.7.0
curl curl 8.6.0
curl curl 8.5.0
curl curl 8.4.0
curl curl 8.3.0
curl curl 8.2.1
curl curl 8.2.0
curl curl 8.1.2
curl curl 8.1.1
curl curl 8.1.0
curl curl 8.0.1
curl curl 8.0.0
curl curl 7.88.1
curl curl 7.88.0
curl curl 7.87.0

CWE Classification

CWE-295

References

{
    "lastseen": "",
    "description": "When doing TLS related transfers with reused easy or multi handles and\naltering the  `CURLSSLOPT_NO_PARTIALCHAIN` option, libcurl could accidentally\nreuse a CA store cached in memory for which the partial chain option was\nreversed. Contrary to the user's wishes and expectations. This could make\nlibcurl find and accept a trust chain that it otherwise would not.",
    "published": "2026-01-08T10:07:54.408Z",
    "modified": "2026-01-08T15:02:04.303Z",
    "type": "cve",
    "title": "OpenSSL partial chain store policy bypass",
    "source": "curl",
    "references": "https://curl.se/docs/CVE-2025-14819.json\nhttps://curl.se/docs/CVE-2025-14819.html",
    "id": "CVE-2025-14819",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "curl curl 8.17.0\ncurl curl 8.16.0\ncurl curl 8.15.0\ncurl curl 8.14.1\ncurl curl 8.14.0\ncurl curl 8.13.0\ncurl curl 8.12.1\ncurl curl 8.12.0\ncurl curl 8.11.1\ncurl curl 8.11.0\ncurl curl 8.10.1\ncurl curl 8.10.0\ncurl curl 8.9.1\ncurl curl 8.9.0\ncurl curl 8.8.0\ncurl curl 8.7.1\ncurl curl 8.7.0\ncurl curl 8.6.0\ncurl curl 8.5.0\ncurl curl 8.4.0\ncurl curl 8.3.0\ncurl curl 8.2.1\ncurl curl 8.2.0\ncurl curl 8.1.2\ncurl curl 8.1.1\ncurl curl 8.1.0\ncurl curl 8.0.1\ncurl curl 8.0.0\ncurl curl 7.88.1\ncurl curl 7.88.0\ncurl curl 7.87.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "curl",
    "version": "8.17.0",
    "vendor": "curl",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}