{"id":"CURL-CVE-2025-14819","summary":"OpenSSL partial chain store policy bypass","details":"When doing TLS-related transfers with reused easy or multi handles and\naltering the `CURLSSLOPT_NO_PARTIALCHAIN` option, libcurl could accidentally\nreuse a CA store cached in memory for which the partial chain option was\nreversed, contrary to the user's wishes and expectations. This could make\nlibcurl find and accept a trust chain that it otherwise would not.","aliases":["CVE-2025-14819"],"modified":"2026-04-25T20:22:28.029998Z","published":"2026-01-07T08:00:00Z","database_specific":{"award":{"currency":"USD","amount":"505"},"www":"https://curl.se/docs/CVE-2025-14819.html","last_affected":"8.17.0","URL":"https://curl.se/docs/CVE-2025-14819.json","CWE":{"desc":"Improper Certificate Validation","id":"CWE-295"},"package":"curl","severity":"Low","affects":"lib"},"affected":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"7.87.0"},{"fixed":"8.18.0"}]},{"type":"GIT","repo":"https://github.com/curl/curl.git","events":[{"introduced":"3c16697ebd796f799227be293e8689aec5f8190d"},{"fixed":"cd046f6c93b39d673a58c18648d8906e954c4f5d"}]}],"versions":["8.17.0","8.16.0","8.15.0","8.14.1","8.14.0","8.13.0","8.12.1","8.12.0","8.11.1","8.11.0","8.10.1","8.10.0","8.9.1","8.9.0","8.8.0","8.7.1","8.7.0","8.6.0","8.5.0","8.4.0","8.3.0","8.2.1","8.2.0","8.1.2","8.1.1","8.1.0","8.0.1","8.0.0","7.88.1","7.88.0","7.87.0"],"database_specific":{"source":"https://curl.se/docs/CURL-CVE-2025-14819.json","vanir_signatures_modified":"2026-04-25T20:22:28Z","vanir_signatures":[{"source":"https://github.com/curl/curl.git/commit/cd046f6c93b39d673a58c18648d8906e954c4f5d","signature_type":"Line","target":{"file":"lib/vtls/openssl.c"},"signature_version":"v1","digest":{"line_hashes":["24588455602216783009959061991887153723","243701758830433755857599459337560932311","225258800236710769903859054969586838060","25990538584220050479711915710575571691","221080617783384725085830623519279350718","3112486877511006889
9891426659678412176","333674099334117062775795045877545045154","278555971141726737408813484396304020447","29587246587727746256660267812476819099","134047099790352440304476359778886178105","324670335573142889270039762166547999130","19143372829455911221153103976660111384","96100141111474995885555286295067029292","94154993711893605014907642359703562429","155377724732839160525085331138014518194","78409159151496152838617197153848363397","139051814744622016641716648786056108245","107879594397819616396548832760494787335","82344319811393755681429678681193611120","67517866016963602950371437082415131771","245722058868568437459688414854125593042","263806445921468867449934754150834214724","121397601507164797038381705299090973409","99485680307282015236327817082621692383","2850679522155658156513395443321695664"],"threshold":0.9},"id":"CURL-CVE-2025-14819-118b0836","deprecated":false},{"source":"https://github.com/curl/curl.git/commit/cd046f6c93b39d673a58c18648d8906e954c4f5d","signature_type":"Function","target":{"function":"ossl_get_cached_x509_store","file":"lib/vtls/openssl.c"},"signature_version":"v1","digest":{"function_hash":"52407666923541294948176968983100423552","length":466},"id":"CURL-CVE-2025-14819-94a6565e","deprecated":false},{"source":"https://github.com/curl/curl.git/commit/cd046f6c93b39d673a58c18648d8906e954c4f5d","signature_type":"Function","target":{"function":"ossl_set_cached_x509_store","file":"lib/vtls/openssl.c"},"signature_version":"v1","digest":{"function_hash":"323178333304777592372588309031391300565","length":930},"id":"CURL-CVE-2025-14819-c24eced9","deprecated":false},{"source":"https://github.com/curl/curl.git/commit/cd046f6c93b39d673a58c18648d8906e954c4f5d","signature_type":"Function","target":{"function":"ossl_cached_x509_store_different","file":"lib/vtls/openssl.c"},"signature_version":"v1","digest":{"function_hash":"27738876019811991671499804338568940198","length":240},"id":"CURL-CVE-2025-14819-e2decdde","deprecated":false}]}}],"schema_version":"1.
7.5","credits":[{"name":"Stanislav Fort (Aisle Research)","type":"FINDER"},{"name":"Daniel Stenberg","type":"REMEDIATION_DEVELOPER"}]}