CVE-2026-9079
Description
libcurl had a flaw that when instructed to clear proxy authentication
credentials which made it not do so, leaving the old credentials around to get
used for subsequent transfers that should not know nor use them.
Metadata
Severity & Metrics
No CVSS data available.
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| curl | curl | — | 8.20.0 ≤ 8.20.0, 8.19.0 ≤ 8.19.0, 8.18.0 ≤ 8.18.0, 8.17.0 ≤ 8.17.0 … |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| — | cna | CWE-522 Insufficiently Protected Credentials |
References (3)