Lucene search
K

4 matches found

OSV
OSV
added 2026/05/22 5:59 p.m.10 views

CLSA-2026-1779372929 curl: Fix of CVE-2026-7168

CVE-2026-7168: clear proxy Digest auth state when CURLOPTPROXY is reassigned to a different proxy host on the same easy handle so a stale Proxy-Authorization header is not replayed to the new proxy...

5.3CVSS5.8AI score0.00471EPSS
Exploits1References1
Hacker One
Hacker One
added 2026/05/18 11:47 a.m.10 views

curl: CVE-2026-8927: env-set cross-proxy Digest auth state leak

AI-assisted preparation note I used AI assistance to help structure and format this report, but the technical findings, PoC, and verification results are based on local testing against curl/libcurl 8.20.0. Summary I found a possible incomplete-fix variant of CVE-2026-7168 in libcurl 8.20.0. The...

9.1CVSS5.5AI score0.00589EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.132 views

libcurl 7.12.0 < 8.20.0 Cross-Proxy Digest Auth State Leak

The version of libcurl installed on the remote host is 7.12.0 prior to 8.20.0. It is, therefore, affected by a cross-proxy digest auth state leak vulnerability: - libcurl improperly handles Digest authentication headers when reusing handles across different HTTP proxies. When a client switches fr...

5.3CVSS5.8AI score0.00471EPSS
Exploits1References2
OSV
OSV
added 2024/10/03 2:24 p.m.3 views

USN-7055-1 freeradius vulnerability

Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses,...

9CVSS7AI score0.14859EPSS
Exploits2References2
Rows per page
Query Builder