Lucene search
+L

6 matches found

nvd
nvd
added 2026/07/03 7:16 a.m.8 views

CVE-2026-11856

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

9.8CVSS0.01064EPSS
Exploits1References3
osv
osv
added 2026/07/03 7:16 a.m.6 views

ALPINE-CVE-2026-11856

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

9.8CVSS6AI score0.01064EPSS
Exploits1References1
cvelist
cvelist
added 2026/07/03 6:13 a.m.90 views

CVE-2026-11856 cross-origin Digest auth state leak

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

0.01064EPSS
Exploits1References3
euvd
euvd
added 2026/07/03 6:13 a.m.10 views

EUVD-2026-41501

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

6AI score0.01064EPSS
Exploits1References3
osv
osv
added 2026/06/24 2:0 p.m.19 views

UBUNTU-CVE-2026-11856

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

9.8CVSS6.1AI score0.01064EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.10 views

PT-2026-51743

Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description When performing a transfer to a specific HTTP origin hostA using Digest authentication and subsequently changing the origin to a different one hostB while reusing the same handle, libcurl...

9.8CVSS6AI score0.01064EPSS
Exploits1References37
Rows per page
Query Builder