Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-8926 (GCVE-0-2026-8926)
Vulnerability from cvelistv5 – Published: 2026-07-03 06:15 – Updated: 2026-07-06 17:02| Vendor | Product | Version | |
|---|---|---|---|
| curl | curl |
Affected:
8.20.0 , ≤ 8.20.0
(semver)
Affected: 8.19.0 , ≤ 8.19.0 (semver) Affected: 8.18.0 , ≤ 8.18.0 (semver) Affected: 8.17.0 , ≤ 8.17.0 (semver) Affected: 8.16.0 , ≤ 8.16.0 (semver) Affected: 8.15.0 , ≤ 8.15.0 (semver) Affected: 8.14.1 , ≤ 8.14.1 (semver) Affected: 8.14.0 , ≤ 8.14.0 (semver) Affected: 8.13.0 , ≤ 8.13.0 (semver) Affected: 8.12.1 , ≤ 8.12.1 (semver) Affected: 8.12.0 , ≤ 8.12.0 (semver) Affected: 8.11.1 , ≤ 8.11.1 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-8926",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-06T17:01:57.524535Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T17:02:33.061Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://hackerone.com/reports/3735184"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "curl",
"vendor": "curl",
"versions": [
{
"lessThanOrEqual": "8.20.0",
"status": "affected",
"version": "8.20.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.0",
"status": "affected",
"version": "8.19.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.18.0",
"status": "affected",
"version": "8.18.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.17.0",
"status": "affected",
"version": "8.17.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.16.0",
"status": "affected",
"version": "8.16.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.15.0",
"status": "affected",
"version": "8.15.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.14.1",
"status": "affected",
"version": "8.14.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.14.0",
"status": "affected",
"version": "8.14.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0",
"status": "affected",
"version": "8.13.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.1",
"status": "affected",
"version": "8.12.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0",
"status": "affected",
"version": "8.12.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.11.1",
"status": "affected",
"version": "8.11.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joshua Rogers (Aisle Research)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Stefan Eissing"
}
],
"descriptions": [
{
"lang": "en",
"value": "When asking curl to use a `.netrc` file to find credentials and at the same\ntime specifying a URL with a username(without a password), like\n`https://user@example.com/`, curl could wrongly get and use the password for\n*another* user set in the `.netrc` file for that host if such a one exists and\nthere is no match for the specified user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-03T06:15:45.735Z",
"orgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
"shortName": "curl"
},
"references": [
{
"name": "json",
"url": "https://curl.se/docs/CVE-2026-8926.json"
},
{
"name": "www",
"url": "https://curl.se/docs/CVE-2026-8926.html"
},
{
"name": "issue",
"url": "https://hackerone.com/reports/3735184"
}
],
"title": "password leak with netrc and user in URL"
}
},
"cveMetadata": {
"assignerOrgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
"assignerShortName": "curl",
"cveId": "CVE-2026-8926",
"datePublished": "2026-07-03T06:15:45.735Z",
"dateReserved": "2026-05-19T08:11:58.393Z",
"dateUpdated": "2026-07-06T17:02:33.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-8926",
"date": "2026-07-08",
"epss": "0.00479",
"percentile": "0.37916"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-8926\",\"sourceIdentifier\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"published\":\"2026-07-03T07:16:25.037\",\"lastModified\":\"2026-07-07T23:02:54.490\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When asking curl to use a `.netrc` file to find credentials and at the same\\ntime specifying a URL with a username(without a password), like\\n`https://user@example.com/`, curl could wrongly get and use the password for\\n*another* user set in the `.netrc` file for that host if such a one exists and\\nthere is no match for the specified user.\"}],\"affected\":[{\"source\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"affectedData\":[{\"vendor\":\"curl\",\"product\":\"curl\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"8.20.0\",\"lessThanOrEqual\":\"8.20.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.19.0\",\"lessThanOrEqual\":\"8.19.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.18.0\",\"lessThanOrEqual\":\"8.18.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.17.0\",\"lessThanOrEqual\":\"8.17.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.16.0\",\"lessThanOrEqual\":\"8.16.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.15.0\",\"lessThanOrEqual\":\"8.15.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.14.1\",\"lessThanOrEqual\":\"8.14.1\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.14.0\",\"lessThanOrEqual\":\"8.14.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.13.0\",\"lessThanOrEqual\":\"8.13.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.12.1\",\"lessThanOrEqual\":\"8.12.1\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.12.0\",\"lessThanOrEqual\":\"8.12.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.11.1\",\"lessThanOrEqual\":\"8.11.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-07-06T17:01:57.524535Z\",\"id\":\"CVE-2026-8926\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-522\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.11.1\",\"versionEndExcluding\":\"8.21.0\",\"matchCriteriaId\":\"C3AD1A6E-F3DD-4151-9602-669ADAF00525\"}]}]}],\"references\":[{\"url\":\"https://curl.se/docs/CVE-2026-8926.html\",\"source\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://curl.se/docs/CVE-2026-8926.json\",\"source\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://hackerone.com/reports/3735184\",\"source\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://hackerone.com/reports/3735184\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-8926\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-07-06T17:01:57.524535Z\"}}}], \"references\": [{\"url\": \"https://hackerone.com/reports/3735184\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-07-06T17:02:29.139Z\"}}], \"cna\": {\"title\": \"password leak with netrc and user in URL\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Joshua Rogers (Aisle Research)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Stefan Eissing\"}], \"affected\": [{\"vendor\": \"curl\", \"product\": \"curl\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.20.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.20.0\"}, {\"status\": \"affected\", \"version\": \"8.19.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.19.0\"}, {\"status\": \"affected\", \"version\": \"8.18.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.18.0\"}, {\"status\": \"affected\", \"version\": \"8.17.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.17.0\"}, {\"status\": \"affected\", \"version\": \"8.16.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.16.0\"}, {\"status\": \"affected\", \"version\": \"8.15.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.15.0\"}, {\"status\": \"affected\", \"version\": \"8.14.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.14.1\"}, {\"status\": \"affected\", \"version\": \"8.14.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.14.0\"}, {\"status\": \"affected\", \"version\": \"8.13.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.13.0\"}, {\"status\": \"affected\", \"version\": \"8.12.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.12.1\"}, {\"status\": \"affected\", \"version\": \"8.12.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.12.0\"}, {\"status\": \"affected\", \"version\": \"8.11.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.11.1\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://curl.se/docs/CVE-2026-8926.json\", \"name\": \"json\"}, {\"url\": \"https://curl.se/docs/CVE-2026-8926.html\", \"name\": \"www\"}, {\"url\": \"https://hackerone.com/reports/3735184\", \"name\": \"issue\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"When asking curl to use a `.netrc` file to find credentials and at the same\\ntime specifying a URL with a username(without a password), like\\n`https://user@example.com/`, curl could wrongly get and use the password for\\n*another* user set in the `.netrc` file for that host if such a one exists and\\nthere is no match for the specified user.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-522 Insufficiently Protected Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"2499f714-1537-4658-8207-48ae4bb9eae9\", \"shortName\": \"curl\", \"dateUpdated\": \"2026-07-03T06:15:45.735Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-8926\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-06T17:02:33.061Z\", \"dateReserved\": \"2026-05-19T08:11:58.393Z\", \"assignerOrgId\": \"2499f714-1537-4658-8207-48ae4bb9eae9\", \"datePublished\": \"2026-07-03T06:15:45.735Z\", \"assignerShortName\": \"curl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0797
Vulnerability from certfr_avis - Published: 2026-06-24 - Updated: 2026-06-24
De multiples vulnérabilités ont été découvertes dans cURL et libcurl. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Curl | cURL et libcurl | cURL et libcurl versions antérieures à 8.21.0 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "cURL et libcurl versions ant\u00e9rieures \u00e0 8.21.0",
"product": {
"name": "cURL et libcurl",
"vendor": {
"name": "Curl",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-8926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8926"
},
{
"name": "CVE-2026-11352",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11352"
},
{
"name": "CVE-2026-8458",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8458"
},
{
"name": "CVE-2026-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9546"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2026-10536",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10536"
},
{
"name": "CVE-2026-8932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8932"
},
{
"name": "CVE-2026-11856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11856"
},
{
"name": "CVE-2026-11586",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11586"
},
{
"name": "CVE-2026-12064",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12064"
},
{
"name": "CVE-2026-8924",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8924"
},
{
"name": "CVE-2026-9079",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9079"
},
{
"name": "CVE-2026-9080",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9080"
},
{
"name": "CVE-2026-9545",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9545"
},
{
"name": "CVE-2026-8925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8925"
},
{
"name": "CVE-2026-8927",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8927"
},
{
"name": "CVE-2026-11564",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11564"
},
{
"name": "CVE-2026-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9547"
},
{
"name": "CVE-2026-7168",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7168"
},
{
"name": "CVE-2026-8286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8286"
},
{
"name": "CVE-2026-5545",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5545"
}
],
"initial_release_date": "2026-06-24T00:00:00",
"last_revision_date": "2026-06-24T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0797",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans cURL et libcurl. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans cURL et libcurl",
"vendor_advisories": [
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-12064",
"url": "https://curl.se/docs/CVE-2026-12064.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-9547",
"url": "https://curl.se/docs/CVE-2026-9547.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-10536",
"url": "https://curl.se/docs/CVE-2026-10536.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-8286",
"url": "https://curl.se/docs/CVE-2026-8286.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-8927",
"url": "https://curl.se/docs/CVE-2026-8927.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-11586",
"url": "https://curl.se/docs/CVE-2026-11586.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-9079",
"url": "https://curl.se/docs/CVE-2026-9079.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-11856",
"url": "https://curl.se/docs/CVE-2026-11856.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-8924",
"url": "https://curl.se/docs/CVE-2026-8924.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-8458",
"url": "https://curl.se/docs/CVE-2026-8458.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-9546",
"url": "https://curl.se/docs/CVE-2026-9546.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-9080",
"url": "https://curl.se/docs/CVE-2026-9080.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-11352",
"url": "https://curl.se/docs/CVE-2026-11352.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-8932",
"url": "https://curl.se/docs/CVE-2026-8932.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-8926",
"url": "https://curl.se/docs/CVE-2026-8926.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-9545",
"url": "https://curl.se/docs/CVE-2026-9545.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-8925",
"url": "https://curl.se/docs/CVE-2026-8925.html"
},
{
"published_at": "2026-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Curl CVE-2026-11564",
"url": "https://curl.se/docs/CVE-2026-11564.html"
}
]
}
FKIE_CVE-2026-8926
Vulnerability from fkie_nvd - Published: 2026-07-03 07:16 - Updated: 2026-07-07 23:02| URL | Tags | ||
|---|---|---|---|
| 2499f714-1537-4658-8207-48ae4bb9eae9 | https://curl.se/docs/CVE-2026-8926.html | Patch, Vendor Advisory | |
| 2499f714-1537-4658-8207-48ae4bb9eae9 | https://curl.se/docs/CVE-2026-8926.json | Vendor Advisory | |
| 2499f714-1537-4658-8207-48ae4bb9eae9 | https://hackerone.com/reports/3735184 | Exploit, Issue Tracking, Third Party Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://hackerone.com/reports/3735184 | Exploit, Issue Tracking, Third Party Advisory |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "curl",
"vendor": "curl",
"versions": [
{
"lessThanOrEqual": "8.20.0",
"status": "affected",
"version": "8.20.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.0",
"status": "affected",
"version": "8.19.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.18.0",
"status": "affected",
"version": "8.18.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.17.0",
"status": "affected",
"version": "8.17.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.16.0",
"status": "affected",
"version": "8.16.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.15.0",
"status": "affected",
"version": "8.15.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.14.1",
"status": "affected",
"version": "8.14.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.14.0",
"status": "affected",
"version": "8.14.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0",
"status": "affected",
"version": "8.13.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.1",
"status": "affected",
"version": "8.12.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0",
"status": "affected",
"version": "8.12.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.11.1",
"status": "affected",
"version": "8.11.1",
"versionType": "semver"
}
]
}
],
"source": "2499f714-1537-4658-8207-48ae4bb9eae9"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3AD1A6E-F3DD-4151-9602-669ADAF00525",
"versionEndExcluding": "8.21.0",
"versionStartIncluding": "8.11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When asking curl to use a `.netrc` file to find credentials and at the same\ntime specifying a URL with a username(without a password), like\n`https://user@example.com/`, curl could wrongly get and use the password for\n*another* user set in the `.netrc` file for that host if such a one exists and\nthere is no match for the specified user."
}
],
"id": "CVE-2026-8926",
"lastModified": "2026-07-07T23:02:54.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-8926",
"options": [
{
"exploitation": "poc"
},
{
"automatable": "no"
},
{
"technicalImpact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-06T17:01:57.524535Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-07-03T07:16:25.037",
"references": [
{
"source": "2499f714-1537-4658-8207-48ae4bb9eae9",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://curl.se/docs/CVE-2026-8926.html"
},
{
"source": "2499f714-1537-4658-8207-48ae4bb9eae9",
"tags": [
"Vendor Advisory"
],
"url": "https://curl.se/docs/CVE-2026-8926.json"
},
{
"source": "2499f714-1537-4658-8207-48ae4bb9eae9",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/3735184"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/3735184"
}
],
"sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-VW2X-3W8J-RQ82
Vulnerability from github – Published: 2026-07-03 09:31 – Updated: 2026-07-06 18:30When asking curl to use a .netrc file to find credentials and at the same
time specifying a URL with a username(without a password), like
https://user@example.com/, curl could wrongly get and use the password for
another user set in the .netrc file for that host if such a one exists and
there is no match for the specified user.
{
"affected": [],
"aliases": [
"CVE-2026-8926"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-03T07:16:25Z",
"severity": "CRITICAL"
},
"details": "When asking curl to use a `.netrc` file to find credentials and at the same\ntime specifying a URL with a username(without a password), like\n`https://user@example.com/`, curl could wrongly get and use the password for\n*another* user set in the `.netrc` file for that host if such a one exists and\nthere is no match for the specified user.",
"id": "GHSA-vw2x-3w8j-rq82",
"modified": "2026-07-06T18:30:47Z",
"published": "2026-07-03T09:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8926"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/3735184"
},
{
"type": "WEB",
"url": "https://curl.se/docs/CVE-2026-8926.html"
},
{
"type": "WEB",
"url": "https://curl.se/docs/CVE-2026-8926.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
MSRC_CVE-2026-8926
Vulnerability from csaf_microsoft - Published: 2026-07-02 00:00 - Updated: 2026-07-07 01:43| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
None Available
|
|
| Unresolved product id: 17084-4 | — |
None Available
|
|
| Unresolved product id: 17084-3 | — |
None Available
|
|
| Unresolved product id: 17084-2 | — |
None Available
|
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-8926 password leak with netrc and user in URL - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-8926.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "password leak with netrc and user in URL",
"tracking": {
"current_release_date": "2026-07-07T01:43:09.000Z",
"generator": {
"date": "2026-07-07T07:30:37.687Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-8926",
"initial_release_date": "2026-07-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-07-04T01:07:40.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-07-07T01:43:09.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 curl 0:8.11.1-9.azl3",
"product": {
"name": "azl3 curl 0:8.11.1-9.azl3",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "curl"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 mysql 0:8.0.46-1.azl3",
"product": {
"name": "azl3 mysql 0:8.0.46-1.azl3",
"product_id": "4"
}
}
],
"category": "product_name",
"name": "mysql"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 rust 0:1.75.0-30.azl3",
"product": {
"name": "azl3 rust 0:1.75.0-30.azl3",
"product_id": "3"
}
},
{
"category": "product_version_range",
"name": "azl3 rust 0:1.90.0-9.azl3",
"product": {
"name": "azl3 rust 0:1.90.0-9.azl3",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "rust"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 curl 0:8.11.1-9.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 mysql 0:8.0.46-1.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 0:1.75.0-30.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 0:1.90.0-9.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-8926",
"notes": [
{
"category": "general",
"text": "curl",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17084-1",
"17084-4",
"17084-3",
"17084-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-8926 password leak with netrc and user in URL - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-8926.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2026-07-04T01:07:40.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-1"
]
},
{
"category": "none_available",
"date": "2026-07-04T01:07:40.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-4"
]
},
{
"category": "none_available",
"date": "2026-07-04T01:07:40.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-3"
]
},
{
"category": "none_available",
"date": "2026-07-04T01:07:40.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-2"
]
}
],
"title": "password leak with netrc and user in URL"
}
]
}
RHSA-2026:34975
Vulnerability from csaf_redhat - Published: 2026-07-02 15:43 - Updated: 2026-07-08 21:36A flaw was found in curl. When a new data transfer attempts to upgrade its connection using STARTTLS, it may incorrectly reuse an existing live connection. This reuse can occur even if the Transport Layer Security (TLS) configuration of the new transfer does not match the existing connection, potentially leading to an insecure connection being established.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl's cookie parsing logic. A malicious HTTP server can exploit this by setting 'super cookies' that bypass the Public Suffix List check. This allows an attacker-controlled origin to inject cookies that curl then transmits to unrelated third-party domains, leading to compromising request integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. The logic handling SASL (Simple Authentication and Security Layer) authentication could lead to a double-free vulnerability. This occurs because the GSASL context may be deallocated twice without clearing the pointer, potentially leading to memory corruption. An attacker could exploit this to cause a denial of service or potentially execute arbitrary code.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. When curl is configured to use a .netrc file for credentials and a URL is provided with a username but no password, curl may incorrectly retrieve and use the password for a different user from the .netrc file for the same host. This could lead to unauthorized information disclosure, as curl might connect using unintended credentials.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libcurl. When reusing a libcurl handle for sequential transfers with environment-variable proxy configuration, the library does not properly clear the proxy authentication state. This oversight can lead to the unintended disclosure of `Proxy-Authorization` headers to an incorrect proxy, potentially exposing sensitive authentication information to an unauthorized entity. This is an information disclosure vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. The libcurl library, used for transferring data with URLs, could improperly reuse existing network connections. This occurred even when changes to mutual Transport Layer Security (mTLS) settings, particularly those for client certificates, should have prevented such reuse. This issue could lead to a security feature bypass, where a client might use a connection with an unintended or weaker security configuration, potentially compromising the integrity or confidentiality of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. When libcurl is instructed to clear proxy authentication credentials, it fails to do so, leaving the old credentials available. This could lead to the unintended reuse of sensitive proxy authentication credentials for subsequent network transfers, potentially resulting in unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libcurl. When `curl_easy_pause()` is called within the event-based `CURLMOPT_SOCKETFUNCTION` callback, a use-after-free vulnerability is triggered. This occurs because libcurl attempts to store a flag using a pointer to memory that has already been freed. An attacker could potentially exploit this to cause a denial of service or execute arbitrary code.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libcurl. This vulnerability causes the HTTP Referer header to persist even after it has been explicitly cleared. This can lead to the previous referrer string being unintentionally reused and sent in subsequent requests, potentially disclosing sensitive information to unintended servers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. When a libcurl-based application uses SCP:// or SFTP:// for transfers and employs the CURLOPT_SSH_KEYFUNCTION callback, it may silently accept an untrusted server. This occurs if the server's host key type differs from the one stored in the known_hosts file. The callback mechanism fails to enforce the host key restriction, enabling a connection to an untrusted server and risking a man-in-the-middle attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl and libcurl. A malicious HTTP/3 server can exploit an issue in the QUIC UDP receive function by continuously streaming empty UDP datagrams. This can lead to a remote denial of service (DoS) against a curl or libcurl client, as the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, causing the client to indefinitely stall.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. When libcurl reuses a connection from its connection pool, an easy handle that initially used default native Certificate Authority (CA) trust may continue to trust the native platform store. This occurs even after the application has switched that same handle to custom CA material for a subsequent transfer, potentially bypassing intended certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. A malicious server can exploit this vulnerability by sending rapid, sequential WebSocket PING messages. Due to a lack of an upper bound on memory allocation for unacknowledged frames, curl can be forced to exhaust all available memory, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. When `libcurl` performs a transfer to an HTTP origin using Digest authentication and then reuses the same connection handle for a subsequent transfer to a different origin, it may incorrectly send the authentication header intended for the first origin to the second. This could lead to unintended information disclosure, potentially allowing an attacker to gain unauthorized access to sensitive data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in curl. When a user invokes curl with a schemeless URL and specifies SFTP (SSH File Transfer Protocol) or SCP (Secure Copy Protocol) as the default protocol, the tool layer fails to initialize critical SSH security options. This bypasses host verification, allowing curl to connect to an unverified SSH remote host without alerting the user. This could enable an attacker to intercept or manipulate data through a man-in-the-middle attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in HdrHistogram. A local attacker can exploit a vulnerability in the `decodeFromByteBuffer` function by manipulating the `numberOfSignificantValueDigits` argument. This manipulation leads to uncontrolled memory allocation, which can result in a Denial of Service (DoS) condition, making the affected system or application unavailable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in WEBrick, a Ruby web server toolkit. This vulnerability allows a remote attacker to perform request smuggling by manipulating the Content-Length header in HTTP/1.1 requests. WEBrick incorrectly re-parses the trailer Content-Length, leading to a desynchronization between the proxy and the backend server. This desynchronization can enable an attacker to bypass security controls, access unauthorized information, or inject malicious requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:rust-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:rust-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:34975 | self |
| https://images.redhat.com/ | external |
| https://access.redhat.com/security/cve/CVE-2026-38969 | external |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/security/cve/CVE-2026-12064 | external |
| https://access.redhat.com/security/cve/CVE-2026-8286 | external |
| https://access.redhat.com/security/cve/CVE-2026-11352 | external |
| https://access.redhat.com/security/cve/CVE-2026-11586 | external |
| https://access.redhat.com/security/cve/CVE-2026-9079 | external |
| https://access.redhat.com/security/cve/CVE-2026-8926 | external |
| https://access.redhat.com/security/cve/CVE-2026-9546 | external |
| https://access.redhat.com/security/cve/CVE-2026-8927 | external |
| https://access.redhat.com/security/cve/CVE-2026-8925 | external |
| https://access.redhat.com/security/cve/CVE-2026-11564 | external |
| https://access.redhat.com/security/cve/CVE-2026-9080 | external |
| https://access.redhat.com/security/cve/CVE-2026-8458 | external |
| https://access.redhat.com/security/cve/CVE-2026-11856 | external |
| https://access.redhat.com/security/cve/CVE-2026-8924 | external |
| https://access.redhat.com/security/cve/CVE-2026-14683 | external |
| https://access.redhat.com/security/cve/CVE-2026-14685 | external |
| https://access.redhat.com/security/cve/CVE-2026-14686 | external |
| https://access.redhat.com/security/cve/CVE-2026-8932 | external |
| https://access.redhat.com/security/cve/CVE-2026-9547 | external |
| https://access.redhat.com/security/cve/CVE-2026-14684 | external |
| https://access.redhat.com/security/cve/CVE-2026-59870 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2026-8286 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496763 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-8286 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-8286 | external |
| https://curl.se/docs/CVE-2026-8286.html | external |
| https://curl.se/docs/CVE-2026-8286.json | external |
| https://hackerone.com/reports/3718195 | external |
| https://access.redhat.com/security/cve/CVE-2026-8924 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496765 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-8924 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-8924 | external |
| https://curl.se/docs/CVE-2026-8924.html | external |
| https://curl.se/docs/CVE-2026-8924.json | external |
| https://hackerone.com/reports/3733905 | external |
| https://access.redhat.com/security/cve/CVE-2026-8925 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496762 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-8925 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-8925 | external |
| https://curl.se/docs/CVE-2026-8925.html | external |
| https://curl.se/docs/CVE-2026-8925.json | external |
| https://hackerone.com/reports/3735193 | external |
| https://access.redhat.com/security/cve/CVE-2026-8926 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496760 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-8926 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-8926 | external |
| https://curl.se/docs/CVE-2026-8926.html | external |
| https://curl.se/docs/CVE-2026-8926.json | external |
| https://hackerone.com/reports/3735184 | external |
| https://access.redhat.com/security/cve/CVE-2026-8927 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496769 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-8927 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-8927 | external |
| https://curl.se/docs/CVE-2026-8927.html | external |
| https://curl.se/docs/CVE-2026-8927.json | external |
| https://hackerone.com/reports/3744543 | external |
| https://access.redhat.com/security/cve/CVE-2026-8932 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496759 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-8932 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-8932 | external |
| https://curl.se/docs/CVE-2026-8932.html | external |
| https://curl.se/docs/CVE-2026-8932.json | external |
| https://hackerone.com/reports/3733910 | external |
| https://access.redhat.com/security/cve/CVE-2026-9079 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496771 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-9079 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-9079 | external |
| https://curl.se/docs/CVE-2026-9079.html | external |
| https://curl.se/docs/CVE-2026-9079.json | external |
| https://hackerone.com/reports/3750295 | external |
| https://access.redhat.com/security/cve/CVE-2026-9080 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496755 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-9080 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-9080 | external |
| https://curl.se/docs/CVE-2026-9080.html | external |
| https://curl.se/docs/CVE-2026-9080.json | external |
| https://hackerone.com/reports/3749204 | external |
| https://access.redhat.com/security/cve/CVE-2026-9546 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496770 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-9546 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-9546 | external |
| https://curl.se/docs/CVE-2026-9546.html | external |
| https://curl.se/docs/CVE-2026-9546.json | external |
| https://hackerone.com/reports/3754343 | external |
| https://access.redhat.com/security/cve/CVE-2026-9547 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496758 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-9547 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-9547 | external |
| https://curl.se/docs/CVE-2026-9547.html | external |
| https://curl.se/docs/CVE-2026-9547.json | external |
| https://hackerone.com/reports/3751712 | external |
| https://access.redhat.com/security/cve/CVE-2026-11352 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496757 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-11352 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-11352 | external |
| https://curl.se/docs/CVE-2026-11352.html | external |
| https://curl.se/docs/CVE-2026-11352.json | external |
| https://hackerone.com/reports/3783438 | external |
| https://access.redhat.com/security/cve/CVE-2026-11564 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496754 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-11564 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-11564 | external |
| https://curl.se/docs/CVE-2026-11564.html | external |
| https://curl.se/docs/CVE-2026-11564.json | external |
| https://hackerone.com/reports/3788984 | external |
| https://access.redhat.com/security/cve/CVE-2026-11586 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496753 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-11586 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-11586 | external |
| https://curl.se/docs/CVE-2026-11586.html | external |
| https://curl.se/docs/CVE-2026-11586.json | external |
| https://hackerone.com/reports/3788931 | external |
| https://access.redhat.com/security/cve/CVE-2026-11856 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496767 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-11856 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-11856 | external |
| https://curl.se/docs/CVE-2026-11856.html | external |
| https://curl.se/docs/CVE-2026-11856.json | external |
| https://hackerone.com/reports/3793260 | external |
| https://access.redhat.com/security/cve/CVE-2026-12064 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496768 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-12064 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-12064 | external |
| https://curl.se/docs/CVE-2026-12064.html | external |
| https://curl.se/docs/CVE-2026-12064.json | external |
| https://hackerone.com/reports/3797526 | external |
| https://access.redhat.com/security/cve/CVE-2026-14684 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2497103 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-14684 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-14684 | external |
| https://github.com/HdrHistogram/HdrHistogram/ | external |
| https://github.com/HdrHistogram/HdrHistogram/issues/220 | external |
| https://vuldb.com/cve/CVE-2026-14684 | external |
| https://vuldb.com/submit/846754 | external |
| https://vuldb.com/vuln/376280 | external |
| https://vuldb.com/vuln/376280/cti | external |
| https://access.redhat.com/security/cve/CVE-2026-38969 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2496708 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-38969 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-38969 | external |
| https://github.com/advisories/GHSA-h4w6-wx8r-p68v | external |
| https://github.com/ruby/webrick/issues/198 | external |
| https://github.com/ruby/webrick/pull/199 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\nrust:\n * cargo-1.96.1-1.hum1 (aarch64, x86_64)\n * clippy-1.96.1-1.hum1 (aarch64, x86_64)\n * rust-1.96.1-1.hum1 (aarch64, x86_64)\n * rust-analyzer-1.96.1-1.hum1 (aarch64, x86_64)\n * rust-debugger-common-1.96.1-1.hum1 (noarch)\n * rust-doc-1.96.1-1.hum1 (aarch64, x86_64)\n * rust-gdb-1.96.1-1.hum1 (noarch)\n * rust-lldb-1.96.1-1.hum1 (noarch)\n * rust-src-1.96.1-1.hum1 (noarch)\n * rust-std-static-1.96.1-1.hum1 (aarch64, x86_64)\n * rust-std-static-aarch64-unknown-none-softfloat-1.96.1-1.hum1 (noarch)\n * rust-std-static-aarch64-unknown-uefi-1.96.1-1.hum1 (noarch)\n * rust-std-static-i686-pc-windows-gnu-1.96.1-1.hum1 (noarch)\n * rust-std-static-wasm32-unknown-unknown-1.96.1-1.hum1 (noarch)\n * rust-std-static-wasm32-wasip1-1.96.1-1.hum1 (noarch)\n * rust-std-static-x86_64-pc-windows-gnu-1.96.1-1.hum1 (noarch)\n * rust-std-static-x86_64-unknown-none-1.96.1-1.hum1 (noarch)\n * rust-std-static-x86_64-unknown-uefi-1.96.1-1.hum1 (noarch)\n * rustfmt-1.96.1-1.hum1 (aarch64, x86_64)\n * rust-1.96.1-1.hum1.src (src)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:34975",
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-38969",
"url": "https://access.redhat.com/security/cve/CVE-2026-38969"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12064",
"url": "https://access.redhat.com/security/cve/CVE-2026-12064"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-8286",
"url": "https://access.redhat.com/security/cve/CVE-2026-8286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-11352",
"url": "https://access.redhat.com/security/cve/CVE-2026-11352"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-11586",
"url": "https://access.redhat.com/security/cve/CVE-2026-11586"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9079",
"url": "https://access.redhat.com/security/cve/CVE-2026-9079"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-8926",
"url": "https://access.redhat.com/security/cve/CVE-2026-8926"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9546",
"url": "https://access.redhat.com/security/cve/CVE-2026-9546"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-8927",
"url": "https://access.redhat.com/security/cve/CVE-2026-8927"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-8925",
"url": "https://access.redhat.com/security/cve/CVE-2026-8925"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-11564",
"url": "https://access.redhat.com/security/cve/CVE-2026-11564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9080",
"url": "https://access.redhat.com/security/cve/CVE-2026-9080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-8458",
"url": "https://access.redhat.com/security/cve/CVE-2026-8458"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-11856",
"url": "https://access.redhat.com/security/cve/CVE-2026-11856"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-8924",
"url": "https://access.redhat.com/security/cve/CVE-2026-8924"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-14683",
"url": "https://access.redhat.com/security/cve/CVE-2026-14683"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-14685",
"url": "https://access.redhat.com/security/cve/CVE-2026-14685"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-14686",
"url": "https://access.redhat.com/security/cve/CVE-2026-14686"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-8932",
"url": "https://access.redhat.com/security/cve/CVE-2026-8932"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9547",
"url": "https://access.redhat.com/security/cve/CVE-2026-9547"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-14684",
"url": "https://access.redhat.com/security/cve/CVE-2026-14684"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-59870",
"url": "https://access.redhat.com/security/cve/CVE-2026-59870"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34975.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-07-08T21:36:59+00:00",
"generator": {
"date": "2026-07-08T21:36:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:34975",
"initial_release_date": "2026-07-02T15:43:28+00:00",
"revision_history": [
{
"date": "2026-07-02T15:43:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T17:42:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-08T21:36:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "rust-main@aarch64",
"product": {
"name": "rust-main@aarch64",
"product_id": "rust-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cargo@1.96.1-1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rust-main@x86_64",
"product": {
"name": "rust-main@x86_64",
"product_id": "rust-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cargo@1.96.1-1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rust-main@src",
"product": {
"name": "rust-main@src",
"product_id": "rust-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rust@1.96.1-1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rust-main@noarch",
"product": {
"name": "rust-main@noarch",
"product_id": "rust-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rust-debugger-common@1.96.1-1.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rust-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:rust-main@aarch64"
},
"product_reference": "rust-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:rust-main@noarch"
},
"product_reference": "rust-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:rust-main@src"
},
"product_reference": "rust-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:rust-main@x86_64"
},
"product_reference": "rust-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-8286",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-07-03T07:01:27.043110+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496763"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. When a new data transfer attempts to upgrade its connection using STARTTLS, it may incorrectly reuse an existing live connection. This reuse can occur even if the Transport Layer Security (TLS) configuration of the new transfer does not match the existing connection, potentially leading to an insecure connection being established.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: curl: Insecure connection establishment due to TLS configuration mismatch",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw as `curl` may establish an insecure connection when attempting to upgrade a transfer with STARTTLS, potentially reusing an existing connection with mismatched TLS configurations. This could lead to unexpected data exposure or compromise, particularly in environments where `curl` is used for sensitive data transfers and relies on STARTTLS for security.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-8286"
},
{
"category": "external",
"summary": "RHBZ#2496763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-8286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-8286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8286"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8286.html",
"url": "https://curl.se/docs/CVE-2026-8286.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8286.json",
"url": "https://curl.se/docs/CVE-2026-8286.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3718195",
"url": "https://hackerone.com/reports/3718195"
}
],
"release_date": "2026-07-03T06:14:17.541000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "curl: curl: Insecure connection establishment due to TLS configuration mismatch"
},
{
"cve": "CVE-2026-8924",
"cwe": {
"id": "CWE-565",
"name": "Reliance on Cookies without Validation and Integrity Checking"
},
"discovery_date": "2026-07-03T07:01:32.981435+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496765"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl\u0027s cookie parsing logic. A malicious HTTP server can exploit this by setting \u0027super cookies\u0027 that bypass the Public Suffix List check. This allows an attacker-controlled origin to inject cookies that curl then transmits to unrelated third-party domains, leading to compromising request integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: curl: Cookie injection via malicious HTTP server using super cookies",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate: Red Hat rates this flaw Moderate (CVSS 6.5) compared to CISA\u0027s Critical (9.1). The scoring difference is due to two factors: first, exploitation requires the victim\u0027s curl to connect using a trailing-dot hostname (e.g., https://example.co.uk.), a format that is uncommon in practice and incompatible with TLS SNI; second, the direct impact is cookie injection into outbound requests \u2014 not exfiltration of victim data to the attacker. The curl project itself rates this flaw Low severity. Red Hat products that use curl for HTTP communication are affected, but the trailing-dot precondition significantly limits real-world exploitability. This flaw has not been shown to enable impacts beyond session integrity modification.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-8924"
},
{
"category": "external",
"summary": "RHBZ#2496765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496765"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-8924",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8924"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-8924",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8924"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8924.html",
"url": "https://curl.se/docs/CVE-2026-8924.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8924.json",
"url": "https://curl.se/docs/CVE-2026-8924.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3733905",
"url": "https://hackerone.com/reports/3733905"
}
],
"release_date": "2026-07-03T06:15:04.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Do not use trailing-dot hostnames in URLs passed to curl. Trailing dots are uncommon and incompatible with TLS SNI. Upgrade to curl 8.21.0 to resolve",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: curl: Cookie injection via malicious HTTP server using super cookies"
},
{
"cve": "CVE-2026-8925",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-07-03T07:01:24.086114+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496762"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. The logic handling SASL (Simple Authentication and Security Layer) authentication could lead to a double-free vulnerability. This occurs because the GSASL context may be deallocated twice without clearing the pointer, potentially leading to memory corruption. An attacker could exploit this to cause a denial of service or potentially execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: curl: Double-free vulnerability in SASL authentication",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in curl\u0027s SASL authentication logic could lead to a double-free vulnerability, potentially resulting in memory corruption, denial of service, or arbitrary code execution. The impact is significant as curl is a widely used utility in Red Hat environments, and SASL authentication is a common enterprise configuration. Exploitation requires an attacker to interact with a service utilizing the vulnerable SASL authentication within curl. Exploitation of this flaw requires controlling which memory is addressed in the second free call and this is unlikely to be possible.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-8925"
},
{
"category": "external",
"summary": "RHBZ#2496762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-8925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8925"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-8925",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8925"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8925.html",
"url": "https://curl.se/docs/CVE-2026-8925.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8925.json",
"url": "https://curl.se/docs/CVE-2026-8925.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3735193",
"url": "https://hackerone.com/reports/3735193"
}
],
"release_date": "2026-07-03T06:15:25.448000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "curl: curl: Double-free vulnerability in SASL authentication"
},
{
"cve": "CVE-2026-8926",
"cwe": {
"id": "CWE-289",
"name": "Authentication Bypass by Alternate Name"
},
"discovery_date": "2026-07-03T07:01:18.157468+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496760"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. When curl is configured to use a .netrc file for credentials and a URL is provided with a username but no password, curl may incorrectly retrieve and use the password for a different user from the .netrc file for the same host. This could lead to unauthorized information disclosure, as curl might connect using unintended credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: curl: Information disclosure via incorrect .netrc password lookup",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-8926"
},
{
"category": "external",
"summary": "RHBZ#2496760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496760"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-8926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8926"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-8926",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8926"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8926.html",
"url": "https://curl.se/docs/CVE-2026-8926.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8926.json",
"url": "https://curl.se/docs/CVE-2026-8926.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3735184",
"url": "https://hackerone.com/reports/3735184"
}
],
"release_date": "2026-07-03T06:15:45.735000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: curl: Information disclosure via incorrect .netrc password lookup"
},
{
"cve": "CVE-2026-8927",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-07-03T07:01:44.730187+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496769"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libcurl. When reusing a libcurl handle for sequential transfers with environment-variable proxy configuration, the library does not properly clear the proxy authentication state. This oversight can lead to the unintended disclosure of `Proxy-Authorization` headers to an incorrect proxy, potentially exposing sensitive authentication information to an unauthorized entity. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libcurl: libcurl: Information disclosure due to uncleared proxy authentication state",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important information disclosure vulnerability in libcurl arises when a handle is reused for sequential transfers with environment-variable proxy configurations, failing to clear the proxy authentication state. This oversight can lead to `Proxy-Authorization` headers being inadvertently sent to an incorrect proxy, potentially exposing sensitive authentication information in Red Hat environments utilizing multiple proxy configurations. This flaw leads only to a confidentiality impact. There has been no observed integrity impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-8927"
},
{
"category": "external",
"summary": "RHBZ#2496769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496769"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-8927",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8927"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-8927",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8927"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8927.html",
"url": "https://curl.se/docs/CVE-2026-8927.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8927.json",
"url": "https://curl.se/docs/CVE-2026-8927.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3744543",
"url": "https://hackerone.com/reports/3744543"
}
],
"release_date": "2026-07-03T06:16:06.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libcurl: libcurl: Information disclosure due to uncleared proxy authentication state"
},
{
"cve": "CVE-2026-8932",
"cwe": {
"id": "CWE-1025",
"name": "Comparison Using Wrong Factors"
},
"discovery_date": "2026-07-03T07:01:15.122562+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496759"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. The libcurl library, used for transferring data with URLs, could improperly reuse existing network connections. This occurred even when changes to mutual Transport Layer Security (mTLS) settings, particularly those for client certificates, should have prevented such reuse. This issue could lead to a security feature bypass, where a client might use a connection with an unintended or weaker security configuration, potentially compromising the integrity or confidentiality of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libcurl: libcurl: Security feature bypass due to improper mTLS connection reuse",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security feature bypass in libcurl where mTLS connection reuse may occur despite changes to client certificate settings. This could lead to applications using libcurl with mTLS to inadvertently use a less secure connection than intended, potentially compromising data confidentiality or integrity. This issue primarily affects applications that dynamically alter mTLS client certificate configurations and reuse connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-8932"
},
{
"category": "external",
"summary": "RHBZ#2496759",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496759"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-8932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8932"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-8932",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8932"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8932.html",
"url": "https://curl.se/docs/CVE-2026-8932.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-8932.json",
"url": "https://curl.se/docs/CVE-2026-8932.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3733910",
"url": "https://hackerone.com/reports/3733910"
}
],
"release_date": "2026-07-03T06:16:30.485000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libcurl: libcurl: Security feature bypass due to improper mTLS connection reuse"
},
{
"cve": "CVE-2026-9079",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2026-07-03T07:01:50.605956+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496771"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. When libcurl is instructed to clear proxy authentication credentials, it fails to do so, leaving the old credentials available. This could lead to the unintended reuse of sensitive proxy authentication credentials for subsequent network transfers, potentially resulting in unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libcurl: libcurl: Information disclosure due to failure to clear proxy authentication credentials",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in libcurl\u0027s proxy authentication credential management can lead to information disclosure. There are no integrity or availability risks posed by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9079"
},
{
"category": "external",
"summary": "RHBZ#2496771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9079",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9079"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-9079.html",
"url": "https://curl.se/docs/CVE-2026-9079.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-9079.json",
"url": "https://curl.se/docs/CVE-2026-9079.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3750295",
"url": "https://hackerone.com/reports/3750295"
}
],
"release_date": "2026-07-03T06:16:51.127000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libcurl: libcurl: Information disclosure due to failure to clear proxy authentication credentials"
},
{
"cve": "CVE-2026-9080",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-07-03T07:01:03.085521+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496755"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libcurl. When `curl_easy_pause()` is called within the event-based `CURLMOPT_SOCKETFUNCTION` callback, a use-after-free vulnerability is triggered. This occurs because libcurl attempts to store a flag using a pointer to memory that has already been freed. An attacker could potentially exploit this to cause a denial of service or execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libcurl: libcurl: Use-after-free via curl_easy_pause() in CURLMOPT_SOCKETFUNCTION callback",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in libcurl stems from a use-after-free vulnerability when `curl_easy_pause()` is called within the `CURLMOPT_SOCKETFUNCTION` callback. This could allow an attacker to achieve denial of service or arbitrary code execution without requiring user interaction or elevated privileges. While dependent on a specific application implementation, the broad adoption of libcurl means Red Hat products leveraging this callback pattern could be affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9080"
},
{
"category": "external",
"summary": "RHBZ#2496755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496755"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9080",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9080"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9080",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9080"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-9080.html",
"url": "https://curl.se/docs/CVE-2026-9080.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-9080.json",
"url": "https://curl.se/docs/CVE-2026-9080.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3749204",
"url": "https://hackerone.com/reports/3749204"
}
],
"release_date": "2026-07-03T06:17:34.905000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libcurl: libcurl: Use-after-free via curl_easy_pause() in CURLMOPT_SOCKETFUNCTION callback"
},
{
"cve": "CVE-2026-9546",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-07-03T07:01:47.710324+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496770"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libcurl. This vulnerability causes the HTTP Referer header to persist even after it has been explicitly cleared. This can lead to the previous referrer string being unintentionally reused and sent in subsequent requests, potentially disclosing sensitive information to unintended servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libcurl: libcurl: Information disclosure due to persistent Referer header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in libcurl allows for sensitive information disclosure. Despite attempts to explicitly clear the HTTP Referer header, its internal state persists, leading to the unintended reuse and transmission of previous referrer strings in subsequent requests. This could expose sensitive data to unintended third-party servers in Red Hat products and services that rely on libcurl for HTTP communications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9546"
},
{
"category": "external",
"summary": "RHBZ#2496770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9546"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-9546.html",
"url": "https://curl.se/docs/CVE-2026-9546.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-9546.json",
"url": "https://curl.se/docs/CVE-2026-9546.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3754343",
"url": "https://hackerone.com/reports/3754343"
}
],
"release_date": "2026-07-03T06:18:14.447000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libcurl: libcurl: Information disclosure due to persistent Referer header"
},
{
"cve": "CVE-2026-9547",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-07-03T07:01:12.182841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496758"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. When a libcurl-based application uses SCP:// or SFTP:// for transfers and employs the CURLOPT_SSH_KEYFUNCTION callback, it may silently accept an untrusted server. This occurs if the server\u0027s host key type differs from the one stored in the known_hosts file. The callback mechanism fails to enforce the host key restriction, enabling a connection to an untrusted server and risking a man-in-the-middle attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: curl: Man-in-the-middle attack via SSH host key bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw where libcurl-based applications performing SCP or SFTP transfers with the CURLOPT_SSH_KEYFUNCTION callback may silently accept an untrusted server. This occurs when a server presents a host key type that differs from the one recorded in the known_hosts file, bypassing a critical host key verification and enabling potential man-in-the-middle attacks. The vulnerability requires specific application callback usage, not a general curl client default.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9547"
},
{
"category": "external",
"summary": "RHBZ#2496758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9547"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-9547.html",
"url": "https://curl.se/docs/CVE-2026-9547.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-9547.json",
"url": "https://curl.se/docs/CVE-2026-9547.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3751712",
"url": "https://hackerone.com/reports/3751712"
}
],
"release_date": "2026-07-03T06:18:44.499000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "curl: curl: Man-in-the-middle attack via SSH host key bypass"
},
{
"cve": "CVE-2026-11352",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2026-07-03T07:01:09.200807+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496757"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl and libcurl. A malicious HTTP/3 server can exploit an issue in the QUIC UDP receive function by continuously streaming empty UDP datagrams. This can lead to a remote denial of service (DoS) against a curl or libcurl client, as the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, causing the client to indefinitely stall.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in curl and libcurl allows a remote malicious HTTP/3 server to trigger a denial of service against a client. By continuously sending zero-length UDP datagrams, an attacker can indefinitely stall the client, impacting service availability without requiring authentication or user interaction. This poses a significant risk to applications relying on curl for HTTP/3 communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-11352"
},
{
"category": "external",
"summary": "RHBZ#2496757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496757"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-11352",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11352"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-11352",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11352"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-11352.html",
"url": "https://curl.se/docs/CVE-2026-11352.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-11352.json",
"url": "https://curl.se/docs/CVE-2026-11352.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3783438",
"url": "https://hackerone.com/reports/3783438"
}
],
"release_date": "2026-07-03T06:12:10.777000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability"
},
{
"cve": "CVE-2026-11564",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-07-03T07:00:59.905332+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. When libcurl reuses a connection from its connection pool, an easy handle that initially used default native Certificate Authority (CA) trust may continue to trust the native platform store. This occurs even after the application has switched that same handle to custom CA material for a subsequent transfer, potentially bypassing intended certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libcurl: libcurl: Certificate validation bypass due to incorrect connection reuse",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate flaw in curl allows a certificate validation bypass. When libcurl reuses a connection, an application that switches from default native CA trust to custom CA material on the same handle may inadvertently continue to trust the native platform store. This could lead to a bypass of intended certificate validation, as the custom CA material might not be correctly applied, potentially allowing connections to untrusted endpoints.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-11564"
},
{
"category": "external",
"summary": "RHBZ#2496754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-11564",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-11564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11564"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-11564.html",
"url": "https://curl.se/docs/CVE-2026-11564.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-11564.json",
"url": "https://curl.se/docs/CVE-2026-11564.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3788984",
"url": "https://hackerone.com/reports/3788984"
}
],
"release_date": "2026-07-03T06:12:35.251000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libcurl: libcurl: Certificate validation bypass due to incorrect connection reuse"
},
{
"cve": "CVE-2026-11586",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-07-03T07:00:57.023167+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496753"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. A malicious server can exploit this vulnerability by sending rapid, sequential WebSocket PING messages. Due to a lack of an upper bound on memory allocation for unacknowledged frames, curl can be forced to exhaust all available memory, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: curl: Denial of Service via WebSocket PING flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service vulnerability in curl allows a remote malicious server to exhaust system memory. By default, curl automatically responds to WebSocket PING frames without an upper bound on memory allocation, enabling an attacker to trigger resource exhaustion and cause service unavailability in affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-11586"
},
{
"category": "external",
"summary": "RHBZ#2496753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-11586",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-11586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11586"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-11586.html",
"url": "https://curl.se/docs/CVE-2026-11586.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-11586.json",
"url": "https://curl.se/docs/CVE-2026-11586.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3788931",
"url": "https://hackerone.com/reports/3788931"
}
],
"release_date": "2026-07-03T06:13:04.448000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "curl: curl: Denial of Service via WebSocket PING flood"
},
{
"cve": "CVE-2026-11856",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-07-03T07:01:38.848109+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496767"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. When `libcurl` performs a transfer to an HTTP origin using Digest authentication and then reuses the same connection handle for a subsequent transfer to a different origin, it may incorrectly send the authentication header intended for the first origin to the second. This could lead to unintended information disclosure, potentially allowing an attacker to gain unauthorized access to sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: curl: Information disclosure via incorrect Digest authentication header reuse",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate-severity flaw in `libcurl` can lead to information disclosure when an application reuses a `libcurl` handle for transfers to different HTTP origins while using Digest authentication. The vulnerability arises from `libcurl` incorrectly sending the authentication header intended for the initial origin to a subsequent, different origin. This could expose sensitive authentication data to an unintended recipient, potentially compromising user credentials or session information. The only observed impact from this flaw is an integrity impact.\n\n- libcurl only \u2014 the curl CLI is not affected\n- Requires an application to reuse an easy handle across different HTTP origins while Digest auth state is attached \u2014 a specific programming pattern\n- Credentials themselves are not leaked; only the authenticated state (\"Authorization: ...\" HTTP header)\n- Fixed in curl 8.21.0; affected range: 7.10.6 \u2013 8.20.0",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-11856"
},
{
"category": "external",
"summary": "RHBZ#2496767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496767"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-11856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-11856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11856"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-11856.html",
"url": "https://curl.se/docs/CVE-2026-11856.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-11856.json",
"url": "https://curl.se/docs/CVE-2026-11856.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3793260",
"url": "https://hackerone.com/reports/3793260"
}
],
"release_date": "2026-07-03T06:13:31.661000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nCorrect usage of the library: Create a fresh handle for a different origin, or explicitly clear authentication-related state before reuse:\n```c\n// req.A\ncurl = curl_easy_init();\n...\ncurl_easy_cleanup(curl);\n\n\n// req.B\ncurl = curl_easy_init();\n...\ncurl_easy_cleanup(curl);\n```\n\nFixed in libcurl 8.21.0; affected range: 7.10.6 \u2013 8.20.0",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: curl: Information disclosure via incorrect Digest authentication header reuse"
},
{
"cve": "CVE-2026-12064",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2026-07-03T07:01:41.779195+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496768"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. When a user invokes curl with a schemeless URL and specifies SFTP (SSH File Transfer Protocol) or SCP (Secure Copy Protocol) as the default protocol, the tool layer fails to initialize critical SSH security options. This bypasses host verification, allowing curl to connect to an unverified SSH remote host without alerting the user. This could enable an attacker to intercept or manipulate data through a man-in-the-middle attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: curl: SSH host verification bypass when using schemeless URLs with SFTP/SCP",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in curl allows an attacker to bypass SSH host verification when a user invokes curl with a schemeless URL and specifies SFTP or SCP as the default protocol. This can lead to man-in-the-middle attacks, enabling data interception or manipulation without user awareness in Red Hat environments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12064"
},
{
"category": "external",
"summary": "RHBZ#2496768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12064",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12064"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12064",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12064"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-12064.html",
"url": "https://curl.se/docs/CVE-2026-12064.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2026-12064.json",
"url": "https://curl.se/docs/CVE-2026-12064.json"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3797526",
"url": "https://hackerone.com/reports/3797526"
}
],
"release_date": "2026-07-03T06:13:55.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "curl: curl: SSH host verification bypass when using schemeless URLs with SFTP/SCP"
},
{
"cve": "CVE-2026-14684",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-07-05T00:01:25.404389+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2497103"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HdrHistogram. A local attacker can exploit a vulnerability in the `decodeFromByteBuffer` function by manipulating the `numberOfSignificantValueDigits` argument. This manipulation leads to uncontrolled memory allocation, which can result in a Denial of Service (DoS) condition, making the affected system or application unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.hdrhistogram/HdrHistogram: HdrHistogram: HdrHistogram: Denial of Service via uncontrolled memory allocation in decodeFromByteBuffer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Successful exploitation requires local access, as an attacker must be able to supply specially crafted, manipulated input directly to an application that is actively utilizing the affected HdrHistogram library.\nThe vulnerability is strictly limited to causing a Denial of Service (DoS) via uncontrolled memory allocation. It does not allow an attacker to execute arbitrary code, escalate privileges, or access unauthorized data. \nFurthermore, the impact is localized to the specific application processing the malicious input, rather than causing a broader, system-wide compromise.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-14684"
},
{
"category": "external",
"summary": "RHBZ#2497103",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2497103"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-14684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-14684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-14684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-14684"
},
{
"category": "external",
"summary": "https://github.com/HdrHistogram/HdrHistogram/",
"url": "https://github.com/HdrHistogram/HdrHistogram/"
},
{
"category": "external",
"summary": "https://github.com/HdrHistogram/HdrHistogram/issues/220",
"url": "https://github.com/HdrHistogram/HdrHistogram/issues/220"
},
{
"category": "external",
"summary": "https://vuldb.com/cve/CVE-2026-14684",
"url": "https://vuldb.com/cve/CVE-2026-14684"
},
{
"category": "external",
"summary": "https://vuldb.com/submit/846754",
"url": "https://vuldb.com/submit/846754"
},
{
"category": "external",
"summary": "https://vuldb.com/vuln/376280",
"url": "https://vuldb.com/vuln/376280"
},
{
"category": "external",
"summary": "https://vuldb.com/vuln/376280/cti",
"url": "https://vuldb.com/vuln/376280/cti"
}
],
"release_date": "2026-07-04T23:30:10.875000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.hdrhistogram/HdrHistogram: HdrHistogram: HdrHistogram: Denial of Service via uncontrolled memory allocation in decodeFromByteBuffer"
},
{
"cve": "CVE-2026-38969",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-07-02T22:01:02.906970+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2496708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WEBrick, a Ruby web server toolkit. This vulnerability allows a remote attacker to perform request smuggling by manipulating the Content-Length header in HTTP/1.1 requests. WEBrick incorrectly re-parses the trailer Content-Length, leading to a desynchronization between the proxy and the backend server. This desynchronization can enable an attacker to bypass security controls, access unauthorized information, or inject malicious requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webrick: rubygem-webrick: WEBrick: Request smuggling via re-parsing of Content-Length header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in WEBrick\u0027s chunked transfer encoding parser. When processing HTTP chunked requests, WEBrick reparses trailer fields into the main request header map without filtering. An attacker can inject a forged Content-Length value via chunked trailers, which is then exposed through req[\u0027content-length\u0027] and req.meta_vars[\u0027CONTENT_LENGTH\u0027]. Applications that trust this metadata for security-relevant decisions (e.g., body size validation, request routing) may be susceptible to request smuggling or incorrect request processing. Note that WEBrick is not intended for production use \u2014 its own documentation recommends using a production-grade server such as Puma or Unicorn for internet-facing deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-38969"
},
{
"category": "external",
"summary": "RHBZ#2496708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-38969",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-38969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-38969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-38969"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-h4w6-wx8r-p68v",
"url": "https://github.com/advisories/GHSA-h4w6-wx8r-p68v"
},
{
"category": "external",
"summary": "https://github.com/ruby/webrick/issues/198",
"url": "https://github.com/ruby/webrick/issues/198"
},
{
"category": "external",
"summary": "https://github.com/ruby/webrick/pull/199",
"url": "https://github.com/ruby/webrick/pull/199"
}
],
"release_date": "2026-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T15:43:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34975"
},
{
"category": "workaround",
"details": "Do not expose WEBrick directly to untrusted network traffic. WEBrick is not designed for production use and should be replaced with a production-grade Ruby application server (e.g., Puma, Unicorn) behind a reverse proxy (e.g., nginx, Apache, HAProxy) that performs its own Content-Length validation and strips or rejects requests with conflicting transfer encoding headers.\n\nA patch is available: https://github.com/ruby/webrick/pull/199",
"product_ids": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:rust-main@aarch64",
"Red Hat Hardened Images:rust-main@noarch",
"Red Hat Hardened Images:rust-main@src",
"Red Hat Hardened Images:rust-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "webrick: rubygem-webrick: WEBrick: Request smuggling via re-parsing of Content-Length header"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.