curl
cpe:2.3:a:curl_project:curl:*:*:*:*:ruby:*:*
- >= 7.17.0, <= 8.17.0
A vulnerability exists in curl's libcurl library when handling LDAPS (LDAP over TLS) transfers from multiple threads. Modifying TLS options for a transfer in one thread can unintentionally alter them globally, affecting other concurrent transfers. For example, disabling certificate verification for one transfer can inadvertently disable it for transfers running in other threads. The vulnerability arises from unsynchronized access to shared data in a multi-threaded context, which makes it highly timing-sensitive.
The vulnerability can cause incorrect TLS behavior in multi-threaded LDAPS transfers, leading to potential security risks such as improper certificate verification.
Users can upgrade to curl version 8.18.0, build curl with OpenLDAP, or avoid using LDAP altogether.