24 matches found
CVE-2026-6276
CVE-2026-6276 affects libcurl: if a custom Host header is initially set for an HTTP request and a subsequent request on the same easy handle is made without the Host header, the second request can reuse stale host information and leak cookies intended for the first host. The issue manifests as a ...
CVE-2026-6276 stale custom cookie host causes cookie leak
Using libcurl, when a custom Host: header is first set for an HTTP request and a second request is subsequently done using the same easy handle but without the custom Host: header set, the second request would use stale information and pass on cookies meant for the first host in the second reques...
CVE-2026-6276
Using libcurl, when a custom Host: header is first set for an HTTP request and a second request is subsequently done using the same easy handle but without the custom Host: header set, the second request would use stale information and pass on cookies meant for the first host in the second reques...
CVE-2026-6276 stale custom cookie host causes cookie leak
Using libcurl, when a custom Host: header is first set for an HTTP request and a second request is subsequently done using the same easy handle but without the custom Host: header set, the second request would use stale information and pass on cookies meant for the first host in the second reques...
CVE-2026-6276
Using libcurl, when a custom Host: header is first set for an HTTP request and a second request is subsequently done using the same easy handle but without the custom Host: header set, the second request would use stale information and pass on cookies meant for the first host in the second reques...
UBUNTU-CVE-2026-6276
Using libcurl, when a custom Host: header is first set for an HTTP request and a second request is subsequently done using the same easy handle but without the custom Host: header set, the second request would use stale information and pass on cookies meant for the first host in the second reques...
curl: libcurl stale CURLOPT_AUTOREFERER leaks a previous request URL to a different origin on a reused easy handle
Summary: libcurl keeps a stale data-state.referer after an HTTP redirect when CURLOPTAUTOREFERER is enabled. Curlhttpfollow stores the previous URL into data-state.referer at lib/http.c:1166-1189, and later requests reuse that value when building Referer: at lib/http.c:2954-2957. In my local...
EUVD-2018-8636
Malware in sbrugna...
EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2024-1677)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions a...
EulerOS 2.0 SP11 : curl (EulerOS-SA-2023-3239)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 prox...
PT-2023-5886 · Libcurl +13 · Libcurl +13
Name of the Vulnerable Software and Affected Versions: libcurl versions prior to 8.4.0 Description: This issue allows an attacker to insert cookies at will into a running program using libcurl, if specific series of conditions are met. libcurl performs transfers and provides a function call that...
SUSE CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...
[ASA-201811-5] libcurl-compat: arbitrary code execution
Arch Linux Security Advisory ASA-201811-5 ========================================= Severity: High Date : 2018-11-06 CVE-ID : CVE-2018-16840 Package : libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-800 Summary ======= The package libcurl-comp...
DEBIAN-CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...
Heap overflow
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...
ALPINE-CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...
CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...
CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...
CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...
CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...