curl: Use-After-Free in OpenSSL Keylog Callback via SSL_get_ex_data() in libcurl

July 9, 2025 invoker category_news

Security Update News

Update Information

Title curl: Use-After-Free in OpenSSL Keylog Callback via SSL_get_ex_data() in libcurl
Update ID H1:3242005
Type hackerone
Published 2025-07-09T03:04:29
Last Updated 2025-07-09T13:45:38

Security Impact

Severity NONE

AI Analysis

AI Description A use-after-free vulnerability in libcurl related to OpenSSL’s keylog callback could allow remote attackers to execute arbitrary code or cause a denial of service.
AI Severity High
AI Vendor cURL Project
AI Product libcurl

Update Details

Vulnerability description not provided

View Advisory Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.