23 matches found
CVE-2026-6429
When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...
libcurl 7.14.0 < 8.20.0 Netrc Password Leak on HTTP Redirect
The version of libcurl installed on the remote host is 7.14.0 prior to 8.20.0. It is, therefore, affected by a netrc password leak vulnerability: - When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the...
CURL-CVE-2026-6429 netrc credential leak with reused proxy connection
When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...
Insertion of Sensitive Information Into Sent Data
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the reuse of a proxy connection during HTTP redirects when using .netrc for credentials. An attacker can obtain sensitive credential information by intercepting traffic if both the...
Fedora 42 : curl (2026-907bbf2a13)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-907bbf2a13 advisory. - fix bad reuse of HTTP Negotiate connection CVE-2026-1965 - fix token leak with redirect and netrc CVE-2026-3783 - fix wrong proxy connection reuse...
CLSA-2026-1774273500 curl: Fix of CVE-2026-3784
CVE-2026-3784: fix proxy connection reuse with different credentials - update outdated timestamps in test 046...
CLSA-2026-1774259220 curl: Fix of 3 CVEs
CVE-2026-1965: fix incorrect connection reuse; prevent reuse of Negotiate- authenticated connections with different credentials and require authentication identity match - CVE-2026-3784: fix wrong proxy connection reuse with different credentials; check proxy user/password in proxyinfomatches to...
SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2026:0903-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0903-1 advisory. - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect...
Security update for curl
This update for curl fixes the following issues: CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. CVE-2026-3783: token leak with redirect and netrc bsc1259363. CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. CVE-2026-3805: use after free in SMB connection...
SUSE-SU-2026:0903-1 Security update for curl
This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and netrc bsc1259363. - CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. - CVE-2026-3805: use after free in SMB...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : curl vulnerabilities (USN-8084-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8084-1 advisory. Zhicheng Chen discovered that curl could incorrectly reuse the wrong connection for Negotiate- authenticated HTTP or HTTPS requests...
SUSE-SU-2026:0879-1 Security update for curl
This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and netrc bsc1259363. - CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. - CVE-2026-3805: use after free in SMB...
CVE-2026-3784
curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...
Linux Distros Unpatched Vulnerability : CVE-2026-3784
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The...
curl: Memory leak of ftp (with proxy reuse)
Summary: summary of the vulnerability There is a memory leak with FTP see reproducer and stack trace I found it via fuzzing with https://github.com/catenacyber/curl-fuzzer/tree/proxy after fixing a small memory leak in curl Just reporting a bit raw, not sure this is not just a small leak that doe...
nodejs: HTTP request smuggling using malformed Transfer-Encoding header
A flaw was found in the Node.js code where a specially crafted HTTPs request sent to a Node.js server failed to properly process the HTTPs headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.js server is...
PT-2020-12825 · Envoy +1 · Envoy +1
Name of the Vulnerable Software and Affected Versions: Istio versions 1.5.1 and earlier Envoy versions 1.14.1 and earlier Description: The issue concerns a data-leak problem where a TCP connection negotiated with SNI over HTTPS to .example.com can lead to a request for a domain configured...
nodejs: HTTP request smuggling using malformed Transfer-Encoding header
A flaw was found in the Node.js code where a specially crafted HTTPs request sent to a Node.js server failed to properly process the HTTPs headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.js server is...
nodejs: HTTP request smuggling using malformed Transfer-Encoding header
A flaw was found in the Node.js code where a specially crafted HTTPs request sent to a Node.js server failed to properly process the HTTPs headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.js server is...
nodejs: HTTP request smuggling using malformed Transfer-Encoding header
A flaw was found in the Node.js code where a specially crafted HTTPs request sent to a Node.js server failed to properly process the HTTPs headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.js server is...