Yamada Yasuharu discovered that cURL, an URL transfer library, is vulnerable to expose potentially sensitive information when doing requests across domains with matching tails. Due to a bug in the tailmatch function when matching domain names, it was possible that cookies set for a domain "ample.com" could accidentally also be sent by libcurl when communicating with "example.com". Both curl the command line tool and applications using the libcurl library are vulnerable.