Lucene search
+L

3028 matches found

OSV
OSV
added 2026/06/24 2:0 p.m.6 views

UBUNTU-CVE-2026-10536

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

9.8CVSS6.1AI score0.00891EPSS
Exploits1References4
OSV
OSV
added 2026/06/24 2:0 p.m.5 views

UBUNTU-CVE-2026-9545

In this scenario, libcurl first uses a proper HTTP/3 server for the initial transfers, and when it makes a second transfer to the same site it has been replaced by the attacker's impostor machine - without a valid certificate. When libcurl returns to the hostname the second time with a cached SSL...

7.5CVSS6AI score0.00408EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/06/24 12:18 p.m.3 views

curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability

A flaw was found in curl and libcurl. A malicious HTTP/3 server can exploit an issue in the QUIC UDP receive function by continuously streaming empty UDP datagrams. This can lead to a remote denial of service DoS against a curl or libcurl client, as the helper function discards zero-length UDP...

7.5CVSS6.1AI score0.0101EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/06/24 12:18 p.m.3 views

libcurl: libcurl: Information disclosure due to persistent Referer header

A flaw was found in libcurl. This vulnerability causes the HTTP Referer header to persist even after it has been explicitly cleared. This can lead to the previous referrer string being unintentionally reused and sent in subsequent requests, potentially disclosing sensitive information to unintend...

7.5CVSS6AI score0.00652EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/06/24 12:18 p.m.3 views

libcurl: libcurl: Use-after-free via curl_easy_pause() in CURLMOPT_SOCKETFUNCTION callback

A flaw was found in libcurl. When curleasypause is called within the event-based CURLMOPTSOCKETFUNCTION callback, a use-after-free vulnerability is triggered. This occurs because libcurl attempts to store a flag using a pointer to memory that has already been freed. An attacker could potentially...

7.3CVSS6.2AI score0.00494EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/06/24 12:18 p.m.4 views

libcurl: libcurl: Security feature bypass due to improper mTLS connection reuse

A flaw was found in curl. The libcurl library, used for transferring data with URLs, could improperly reuse existing network connections. This occurred even when changes to mutual Transport Layer Security mTLS settings, particularly those for client certificates, should have prevented such reuse...

7.5CVSS6.2AI score0.00368EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/06/24 12:18 p.m.3 views

libcurl: libcurl: Information disclosure due to uncleared proxy authentication state

A flaw was found in libcurl. When reusing a libcurl handle for sequential transfers with environment-variable proxy configuration, the library does not properly clear the proxy authentication state. This oversight can lead to the unintended disclosure of Proxy-Authorization headers to an incorrec...

9.1CVSS6AI score0.00752EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/06/24 12:18 p.m.2 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: curl: curl-8.21.0-0.1.hum1 aarch64, x8664 libcurl-8.21.0-0.1.hum1 aarch64, x8664 libcurl-devel-8.21.0-0.1.hum1 aarch64, x8664 libcurl-minimal-8.21.0-0.1.hum1 aarch64, x8664 curl-8.21.0-0.1.hum1.s...

9.8CVSS6.2AI score0.0108EPSS
Exploits16References18
curl security advisories
curl security advisories
added 2026/06/24 8:0 a.m.7 views

proto-default skips SSH verification

When a user invokes curl using a schemeless URL combined with --proto-default sftp or scp, a disconnect occurs between the tool layer and libcurl. The tool layer incorrectly infers the URL scheme, which erroneously bypasses the initialization of critical SSH security options like...

7.5CVSS6AI score0.00574EPSS
Exploits1References1Affected Software2
curl security advisories
curl security advisories
added 2026/06/24 8:0 a.m.8 views

HTTP/2 stream-dependency tree UAF

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

9.8CVSS5.9AI score0.00891EPSS
Exploits1References1Affected Software2
curl security advisories
curl security advisories
added 2026/06/24 8:0 a.m.7 views

env-set cross-proxy Digest auth state leak

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...

9.1CVSS5.8AI score0.00752EPSS
Exploits1References1Affected Software2
OSV
OSV
added 2026/06/24 8:0 a.m.19 views

CURL-CVE-2026-10536 HTTP/2 stream-dependency tree UAF

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

9.8CVSS5.9AI score0.00891EPSS
Exploits1
OSV
OSV
added 2026/06/24 8:0 a.m.6 views

CURL-CVE-2026-8927 env-set cross-proxy Digest auth state leak

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...

9.1CVSS5.8AI score0.00752EPSS
Exploits1
OSV
OSV
added 2026/06/24 8:0 a.m.8 views

CURL-CVE-2026-9080 UAF after pause in socket callback

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

7.3CVSS5.7AI score0.00494EPSS
Exploits1
OSV
OSV
added 2026/06/24 8:0 a.m.9 views

CURL-CVE-2026-11856 cross-origin Digest auth state leak

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

9.8CVSS5.9AI score0.01064EPSS
Exploits1
OSV
OSV
added 2026/06/24 8:0 a.m.12 views

CURL-CVE-2026-9546 sending old referer

A vulnerability in libcurl caused the HTTP Referer: header to persist even when explicitly cleared. While the documentation states that passing NULL to CURLOPTREFERER suppresses the header, the option failed to clear the internal state. As a result, the previous referrer string was erroneously...

7.5CVSS5.9AI score0.00652EPSS
Exploits1
OSV
OSV
added 2026/06/24 8:0 a.m.14 views

CURL-CVE-2026-8458 wrong reuse for different services

libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different "services". libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When...

6.5CVSS5.8AI score0.00543EPSS
Exploits1
OSV
OSV
added 2026/06/24 8:0 a.m.32 views

CURL-CVE-2026-9079 stale proxy password leak

libcurl had a flaw that when instructed to clear proxy authentication credentials which made it not do so, leaving the old credentials around to get used for subsequent transfers that should not know nor use them...

9.8CVSS5.8AI score0.01064EPSS
Exploits1
curl security advisories
curl security advisories
added 2026/06/24 8:0 a.m.8 views

cross-origin Digest auth state leak

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

9.8CVSS5.9AI score0.01064EPSS
Exploits1References1Affected Software2
curl security advisories
curl security advisories
added 2026/06/24 8:0 a.m.11 views

Native CA trust persist

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

9.1CVSS5.9AI score0.0061EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder