An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "curl-dbgsym": "7.58.0-2ubuntu3.17", "curl": "7.58.0-2ubuntu3.17", "libcurl4": "7.58.0-2ubuntu3.17", "libcurl4-gnutls-dev": "7.58.0-2ubuntu3.17", "libcurl4-dbgsym": "7.58.0-2ubuntu3.17", "libcurl3-nss": "7.58.0-2ubuntu3.17", "libcurl4-doc": "7.58.0-2ubuntu3.17", "libcurl3-nss-dbgsym": "7.58.0-2ubuntu3.17", "libcurl3-gnutls": "7.58.0-2ubuntu3.17", "libcurl3-gnutls-dbgsym": "7.58.0-2ubuntu3.17", "libcurl4-openssl-dev": "7.58.0-2ubuntu3.17", "libcurl4-nss-dev": "7.58.0-2ubuntu3.17" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "curl-dbgsym": "7.68.0-1ubuntu2.10", "curl": "7.68.0-1ubuntu2.10", "libcurl4": "7.68.0-1ubuntu2.10", "libcurl4-gnutls-dev": "7.68.0-1ubuntu2.10", "libcurl4-dbgsym": "7.68.0-1ubuntu2.10", "libcurl3-nss": "7.68.0-1ubuntu2.10", "libcurl4-doc": "7.68.0-1ubuntu2.10", "libcurl3-nss-dbgsym": "7.68.0-1ubuntu2.10", "libcurl3-gnutls": "7.68.0-1ubuntu2.10", "libcurl3-gnutls-dbgsym": "7.68.0-1ubuntu2.10", "libcurl4-openssl-dev": "7.68.0-1ubuntu2.10", "libcurl4-nss-dev": "7.68.0-1ubuntu2.10" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "curl-dbgsym": "7.81.0-1ubuntu1.1", "curl": "7.81.0-1ubuntu1.1", "libcurl4": "7.81.0-1ubuntu1.1", "libcurl4-gnutls-dev": "7.81.0-1ubuntu1.1", "libcurl4-dbgsym": "7.81.0-1ubuntu1.1", "libcurl3-nss": "7.81.0-1ubuntu1.1", "libcurl4-doc": "7.81.0-1ubuntu1.1", "libcurl3-nss-dbgsym": "7.81.0-1ubuntu1.1", "libcurl3-gnutls": "7.81.0-1ubuntu1.1", "libcurl3-gnutls-dbgsym": "7.81.0-1ubuntu1.1", "libcurl4-openssl-dev": "7.81.0-1ubuntu1.1", "libcurl4-nss-dev": "7.81.0-1ubuntu1.1" } ] }