Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/07/06 7:51 p.m.6 views

CVE-2026-9080

A flaw was found in libcurl. When curleasypause is called within the event-based CURLMOPTSOCKETFUNCTION callback, a use-after-free vulnerability is triggered. This occurs because libcurl attempts to store a flag using a pointer to memory that has already been freed. An attacker could potentially...

7.3CVSS6AI score0.00494EPSS
Exploits1References6
OSV
OSV
added 2026/07/03 7:16 a.m.5 views

ALPINE-CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

7.3CVSS5.9AI score0.00494EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/07/03 6:17 a.m.43 views

CVE-2026-9080 UAF after pause in socket callback

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

0.00494EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/07/03 6:17 a.m.8 views

CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

7.3CVSS5.9AI score0.00494EPSS
Exploits1References3
OSV
OSV
added 2026/06/24 2:0 p.m.4 views

UBUNTU-CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

7.3CVSS5.7AI score0.00494EPSS
Exploits1References4
curl security advisories
curl security advisories
added 2026/06/24 8:0 a.m.14 views

UAF after pause in socket callback

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

7.3CVSS5.7AI score0.00494EPSS
Exploits1References1Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51753

Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description A use-after-free issue occurs when the curl easy pause function is called within the event-based CURLMOPT SOCKETFUNCTION callback. This leads to a situation where libcurl attempts to store a...

9.8CVSS5.7AI score0.0108EPSS
Exploits12References47
Hacker One
Hacker One
added 2026/05/19 10:4 p.m.10 views

curl: CVE-2026-9080: UAF after pause in socket callback

Hi all, We've found a heap-use-after-free in lib/multiev.c triggered by calling curleasypause from within a CURLMOPTSOCKETFUNCTION callback. ASAN-confirmed with the self-contained reproducer below. Affected versions: 8.13.0 – 8.20.0 current. The entry-action write line 280 has been vulnerable sin...

7.3CVSS5.7AI score0.00494EPSS
Exploits1
Rows per page
Query Builder