CVE-2025-14017

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

08/01/2026

Last modified:

08/01/2026

Description

When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally disable the feature for other threads as well.

Impact

References to Advisories, Solutions, and Tools

https://curl.se/docs/CVE-2025-14017.html
https://curl.se/docs/CVE-2025-14017.json
http://www.openwall.com/lists/oss-security/2026/01/07/3