A flaw was found in libcurl in the way libcurl handles previously used connections without accounting for "issuer cert" and comparing the involved paths case-insensitively. This flaw allows libcurl to use the wrong connection. The highest threat from this vulnerability is to confidentiality