daniel:// stenberg://May 31, 2023

CVE-2023-27536

Announced by the #curl project back in March 2023. We deem it severity Low. https://curl.se/docs/CVE-2023-27536.html

NVD, in their infinite wisdom, thinks this is a CRITICAL 9.8 flaw: https://nvd.nist.gov/vuln/detail/CVE-2023-27536

I wish I knew how to fix this annoying problem but talking or whining to NVD certainly does not seem to help.

curl - GSS delegation too eager connection re-use - CVE-2023-27536

Show threadAlex
@bagder
I think they wisened up some more and started serving a 503 for that link instead heh
May 31, 2023 at 7:11amWeb