103 matches found
CVE-2026-5545
libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both use the same host. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid...
UBUNTU-CVE-2026-5545
libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both use the same host. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid...
CURL-CVE-2026-5545 wrong reuse of HTTP Negotiate connection
libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both use the same host. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid...
PT-2026-35892
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description A logical error in the connection pooling mechanism allows libcurl to reuse an incorrect connection during authenticated HTTPS requests to the same host. If an application first performs a...
DNN: Same HostGUID For All New Installs
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affect upgrades from 9.x.x. Version 10.2.2 patches the issue...
UBUNTU-CVE-2026-3805
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
EUVD-2026-11141
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
CVE-2026-3805
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
CVE-2026-3805 use after free in SMB connection reuse
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
CVE-2026-3805
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
PT-2026-20350
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.13 @openclaw/bluebubbles versions prior to 2026.2.13 Description The optional BlueBubbles iMessage channel plugin could accept webhook requests as authenticated based solely on the TCP peer address being...
Astra Linux – Vulnerability in requests
Requests is an HTTP library. Prior to version 2.32.0, when making requests through a Requests Session, if the first request was made with verify=False to disable certificate verification, all subsequent requests to the same host would continue to ignore certificate verification, regardless of...
CVE-2025-36005
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Internet Pass-Thru could allow a malicious user to obtain sensitive information from another TLS session connection by the...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
SUSE CVE-2024-35195
Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verif...
DEBIAN-CVE-2024-35195
Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verif...