curl: HTTP Request Smuggling Vulnerability Analysis - cURL Security Report

🗓️ 13 Jul 2025 13:42:11Reported by youssef111Type

hackerone

hackerone🔗 hackerone.com👁 23 Views

Analysis of HTTP Request Smuggling vulnerability in cURL Security Report for bug bounty programs

Reporter	Title	Published	Views	Family All 130
ALT Linux	Security fix for the ALT Linux 10 package golang version 1.12.10-alt1	10 Oct 201900:00	–	altlinux
IBM Security Bulletins	Security Bulletin: A Security Vulnerability affects IBM Cloud Private - Go (CVE-2019-16276)	9 Jun 202016:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go	29 Aug 202008:59	–	ibm
IBM Security Bulletins	Security Bulletin: IBM API Connect is impacted by vulnerabilities in Golang (CVE-2019-17596 CVE-2019-16276)	27 Feb 202019:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Event Streams is affected by Go vulnerability CVE-2019-16276	11 Jun 202016:15	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities	1 Apr 202216:38	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Go programming language affects IBM Spectrum Protect Server (CVE-2019-16276)	12 Jun 202022:03	–	ibm
FreeBSD	go -- invalid headers are normalized, allowing request smuggling	25 Sep 201900:00	–	freebsd
Tenable Nessus	Amazon Linux 2 : golang (ALAS-2019-1335)	25 Oct 201900:00	–	nessus
Tenable Nessus	Amazon Linux AMI : golang (ALAS-2019-1321)	25 Nov 201900:00	–	nessus

13 Jul 2025 14:39Current

7.8High risk

Vulners AI Score7.8

CVSS 25

CVSS 3.17.5

EPSS0.51798

http request smuggling vulnerability analysis curl security report bug bounty