Lucene search
K

8 matches found

OSV
OSV
added 2026/06/24 8:0 a.m.10 views

CURL-CVE-2026-8458 wrong reuse for different services

libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different "services". libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/13 1:1 p.m.7 views

ALPINE-CVE-2026-5773

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

7.5CVSS5.4AI score0.00549EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/05/13 8:27 a.m.6 views

CVE-2026-5773

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

7.5CVSS5.8AI score0.00549EPSS
Exploits1References4
curl security advisories
curl security advisories
added 2026/04/29 8:0 a.m.14 views

stale custom cookie host causes cookie leak

Using libcurl, when a custom Host: header is first set for an HTTP request and a second request is subsequently done using the same easy handle but without the custom Host: header set, the second request would use stale information and pass on cookies meant for the first host in the second reques...

7.5CVSS5.2AI score0.00291EPSS
Exploits1References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/03/11 10:8 a.m.7 views

CVE-2026-1965

libcurl can in some circumstances reuse the wrong connection when asked to do an Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of...

6.5CVSS5.8AI score0.00259EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens RUGGEDCOM ROX, SIMATIC S7-1500 Improper Certificate Validation (CVE-2022-27782)

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH...

7.5CVSS6.7AI score0.02596EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/03/06 12:0 a.m.98 views

IBM Rational ClearCase 8.0 < 9.0.1.14 / 9.0.2 < 9.0.2.6 / 9.1 < 9.1.0.3 Multiple Vulnerabilities

The version of IBM Rational ClearCase installed on the remote host is affected by multiple vulnerabilities, including the following: - A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when '--no-clobber' is used together with '--remove-on-error'...

8.1CVSS6.5AI score0.03453EPSS
Exploits6References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.3 views

SUSE CVE-2022-27782

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH...

7.5CVSS7.4AI score0.02596EPSS
Exploits1References68
Rows per page
Query Builder