broken TLS options for threaded LDAPS_CVE-2025-14017

6.3 / 10

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Description

When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl,
changing TLS options in one thread would inadvertently change them globally
and therefore possibly also affect other concurrently setup transfers.

Disabling certificate verification for a specific transfer could
unintentionally disable the feature for other threads as well.

Basic Information

ID CVE-2025-14017

Source curl

Published Jan 8, 2026 at 10:07

Modified Jan 16, 2026 at 15:39

Affected Product

Vendor curl

Product curl

Version 8.17.0

Affected Versions curl curl 8.17.0
curl curl 8.16.0
curl curl 8.15.0
curl curl 8.14.1
curl curl 8.14.0
curl curl 8.13.0
curl curl 8.12.1
curl curl 8.12.0
curl curl 8.11.1
curl curl 8.11.0
curl curl 8.10.1
curl curl 8.10.0
curl curl 8.9.1
curl curl 8.9.0
curl curl 8.8.0
curl curl 8.7.1
curl curl 8.7.0
curl curl 8.6.0
curl curl 8.5.0
curl curl 8.4.0
curl curl 8.3.0
curl curl 8.2.1
curl curl 8.2.0
curl curl 8.1.2
curl curl 8.1.1
curl curl 8.1.0
curl curl 8.0.1
curl curl 8.0.0
curl curl 7.88.1
curl curl 7.88.0
curl curl 7.87.0
curl curl 7.86.0
curl curl 7.85.0
curl curl 7.84.0
curl curl 7.83.1
curl curl 7.83.0
curl curl 7.82.0
curl curl 7.81.0
curl curl 7.80.0
curl curl 7.79.1
curl curl 7.79.0
curl curl 7.78.0
curl curl 7.77.0
curl curl 7.76.1
curl curl 7.76.0
curl curl 7.75.0
curl curl 7.74.0
curl curl 7.73.0
curl curl 7.72.0
curl curl 7.71.1
curl curl 7.71.0
curl curl 7.70.0
curl curl 7.69.1
curl curl 7.69.0
curl curl 7.68.0
curl curl 7.67.0
curl curl 7.66.0
curl curl 7.65.3
curl curl 7.65.2
curl curl 7.65.1
curl curl 7.65.0
curl curl 7.64.1
curl curl 7.64.0
curl curl 7.63.0
curl curl 7.62.0
curl curl 7.61.1
curl curl 7.61.0
curl curl 7.60.0
curl curl 7.59.0
curl curl 7.58.0
curl curl 7.57.0
curl curl 7.56.1
curl curl 7.56.0
curl curl 7.55.1
curl curl 7.55.0
curl curl 7.54.1
curl curl 7.54.0
curl curl 7.53.1
curl curl 7.53.0
curl curl 7.52.1
curl curl 7.52.0
curl curl 7.51.0
curl curl 7.50.3
curl curl 7.50.2
curl curl 7.50.1
curl curl 7.50.0
curl curl 7.49.1
curl curl 7.49.0
curl curl 7.48.0
curl curl 7.47.1
curl curl 7.47.0
curl curl 7.46.0
curl curl 7.45.0
curl curl 7.44.0
curl curl 7.43.0
curl curl 7.42.1
curl curl 7.42.0
curl curl 7.41.0
curl curl 7.40.0
curl curl 7.39.0
curl curl 7.38.0
curl curl 7.37.1
curl curl 7.37.0
curl curl 7.36.0
curl curl 7.35.0
curl curl 7.34.0
curl curl 7.33.0
curl curl 7.32.0
curl curl 7.31.0
curl curl 7.30.0
curl curl 7.29.0
curl curl 7.28.1
curl curl 7.28.0
curl curl 7.27.0
curl curl 7.26.0
curl curl 7.25.0
curl curl 7.24.0
curl curl 7.23.1
curl curl 7.23.0
curl curl 7.22.0
curl curl 7.21.7
curl curl 7.21.6
curl curl 7.21.5
curl curl 7.21.4
curl curl 7.21.3
curl curl 7.21.2
curl curl 7.21.1
curl curl 7.21.0
curl curl 7.20.1
curl curl 7.20.0
curl curl 7.19.7
curl curl 7.19.6
curl curl 7.19.5
curl curl 7.19.4
curl curl 7.19.3
curl curl 7.19.2
curl curl 7.19.1
curl curl 7.19.0
curl curl 7.18.2
curl curl 7.18.1
curl curl 7.18.0
curl curl 7.17.1
curl curl 7.17.0

References

{
    "lastseen": "",
    "description": "When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl,\nchanging TLS options in one thread would inadvertently change them globally\nand therefore possibly also affect other concurrently setup transfers.\n\nDisabling certificate verification for a specific transfer could\nunintentionally disable the feature for other threads as well.",
    "published": "2026-01-08T10:07:05.554Z",
    "modified": "2026-01-16T15:39:54.513Z",
    "type": "cve",
    "title": "broken TLS options for threaded LDAPS",
    "source": "curl",
    "references": "https://curl.se/docs/CVE-2025-14017.json\nhttps://curl.se/docs/CVE-2025-14017.html",
    "id": "CVE-2025-14017",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "curl curl 8.17.0\ncurl curl 8.16.0\ncurl curl 8.15.0\ncurl curl 8.14.1\ncurl curl 8.14.0\ncurl curl 8.13.0\ncurl curl 8.12.1\ncurl curl 8.12.0\ncurl curl 8.11.1\ncurl curl 8.11.0\ncurl curl 8.10.1\ncurl curl 8.10.0\ncurl curl 8.9.1\ncurl curl 8.9.0\ncurl curl 8.8.0\ncurl curl 8.7.1\ncurl curl 8.7.0\ncurl curl 8.6.0\ncurl curl 8.5.0\ncurl curl 8.4.0\ncurl curl 8.3.0\ncurl curl 8.2.1\ncurl curl 8.2.0\ncurl curl 8.1.2\ncurl curl 8.1.1\ncurl curl 8.1.0\ncurl curl 8.0.1\ncurl curl 8.0.0\ncurl curl 7.88.1\ncurl curl 7.88.0\ncurl curl 7.87.0\ncurl curl 7.86.0\ncurl curl 7.85.0\ncurl curl 7.84.0\ncurl curl 7.83.1\ncurl curl 7.83.0\ncurl curl 7.82.0\ncurl curl 7.81.0\ncurl curl 7.80.0\ncurl curl 7.79.1\ncurl curl 7.79.0\ncurl curl 7.78.0\ncurl curl 7.77.0\ncurl curl 7.76.1\ncurl curl 7.76.0\ncurl curl 7.75.0\ncurl curl 7.74.0\ncurl curl 7.73.0\ncurl curl 7.72.0\ncurl curl 7.71.1\ncurl curl 7.71.0\ncurl curl 7.70.0\ncurl curl 7.69.1\ncurl curl 7.69.0\ncurl curl 7.68.0\ncurl curl 7.67.0\ncurl curl 7.66.0\ncurl curl 7.65.3\ncurl curl 7.65.2\ncurl curl 7.65.1\ncurl curl 7.65.0\ncurl curl 7.64.1\ncurl curl 7.64.0\ncurl curl 7.63.0\ncurl curl 7.62.0\ncurl curl 7.61.1\ncurl curl 7.61.0\ncurl curl 7.60.0\ncurl curl 7.59.0\ncurl curl 7.58.0\ncurl curl 7.57.0\ncurl curl 7.56.1\ncurl curl 7.56.0\ncurl curl 7.55.1\ncurl curl 7.55.0\ncurl curl 7.54.1\ncurl curl 7.54.0\ncurl curl 7.53.1\ncurl curl 7.53.0\ncurl curl 7.52.1\ncurl curl 7.52.0\ncurl curl 7.51.0\ncurl curl 7.50.3\ncurl curl 7.50.2\ncurl curl 7.50.1\ncurl curl 7.50.0\ncurl curl 7.49.1\ncurl curl 7.49.0\ncurl curl 7.48.0\ncurl curl 7.47.1\ncurl curl 7.47.0\ncurl curl 7.46.0\ncurl curl 7.45.0\ncurl curl 7.44.0\ncurl curl 7.43.0\ncurl curl 7.42.1\ncurl curl 7.42.0\ncurl curl 7.41.0\ncurl curl 7.40.0\ncurl curl 7.39.0\ncurl curl 7.38.0\ncurl curl 7.37.1\ncurl curl 7.37.0\ncurl curl 7.36.0\ncurl curl 7.35.0\ncurl curl 7.34.0\ncurl curl 7.33.0\ncurl curl 7.32.0\ncurl curl 7.31.0\ncurl curl 7.30.0\ncurl curl 7.29.0\ncurl curl 7.28.1\ncurl curl 7.28.0\ncurl curl 7.27.0\ncurl curl 7.26.0\ncurl curl 7.25.0\ncurl curl 7.24.0\ncurl curl 7.23.1\ncurl curl 7.23.0\ncurl curl 7.22.0\ncurl curl 7.21.7\ncurl curl 7.21.6\ncurl curl 7.21.5\ncurl curl 7.21.4\ncurl curl 7.21.3\ncurl curl 7.21.2\ncurl curl 7.21.1\ncurl curl 7.21.0\ncurl curl 7.20.1\ncurl curl 7.20.0\ncurl curl 7.19.7\ncurl curl 7.19.6\ncurl curl 7.19.5\ncurl curl 7.19.4\ncurl curl 7.19.3\ncurl curl 7.19.2\ncurl curl 7.19.1\ncurl curl 7.19.0\ncurl curl 7.18.2\ncurl curl 7.18.1\ncurl curl 7.18.0\ncurl curl 7.17.1\ncurl curl 7.17.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "curl",
    "version": "8.17.0",
    "vendor": "curl",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply