cross-proxy Digest auth state leak_CVE-2026-7168

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

Successfully using libcurl to do a transfer over a specific HTTP proxy
(`proxyA`) with **Digest** authentication and then changing the proxy host to
a second one (`proxyB`) for a second transfer, reusing the same handle, makes
libcurl wrongly pass on the `Proxy-Authorization:` header field meant for
`proxyA`, to `proxyB`.

Basic Information

ID CVE-2026-7168

Source curl

Published May 13, 2026 at 08:29

Modified May 13, 2026 at 14:18

Affected Product

Vendor curl

Product curl

Version 8.19.0

Affected Versions curl curl 8.19.0
curl curl 8.18.0
curl curl 8.17.0
curl curl 8.16.0
curl curl 8.15.0
curl curl 8.14.1
curl curl 8.14.0
curl curl 8.13.0
curl curl 8.12.1
curl curl 8.12.0
curl curl 8.11.1
curl curl 8.11.0
curl curl 8.10.1
curl curl 8.10.0
curl curl 8.9.1
curl curl 8.9.0
curl curl 8.8.0
curl curl 8.7.1
curl curl 8.7.0
curl curl 8.6.0
curl curl 8.5.0
curl curl 8.4.0
curl curl 8.3.0
curl curl 8.2.1
curl curl 8.2.0
curl curl 8.1.2
curl curl 8.1.1
curl curl 8.1.0
curl curl 8.0.1
curl curl 8.0.0
curl curl 7.88.1
curl curl 7.88.0
curl curl 7.87.0
curl curl 7.86.0
curl curl 7.85.0
curl curl 7.84.0
curl curl 7.83.1
curl curl 7.83.0
curl curl 7.82.0
curl curl 7.81.0
curl curl 7.80.0
curl curl 7.79.1
curl curl 7.79.0
curl curl 7.78.0
curl curl 7.77.0
curl curl 7.76.1
curl curl 7.76.0
curl curl 7.75.0
curl curl 7.74.0
curl curl 7.73.0
curl curl 7.72.0
curl curl 7.71.1
curl curl 7.71.0
curl curl 7.70.0
curl curl 7.69.1
curl curl 7.69.0
curl curl 7.68.0
curl curl 7.67.0
curl curl 7.66.0
curl curl 7.65.3
curl curl 7.65.2
curl curl 7.65.1
curl curl 7.65.0
curl curl 7.64.1
curl curl 7.64.0
curl curl 7.63.0
curl curl 7.62.0
curl curl 7.61.1
curl curl 7.61.0
curl curl 7.60.0
curl curl 7.59.0
curl curl 7.58.0
curl curl 7.57.0
curl curl 7.56.1
curl curl 7.56.0
curl curl 7.55.1
curl curl 7.55.0
curl curl 7.54.1
curl curl 7.54.0
curl curl 7.53.1
curl curl 7.53.0
curl curl 7.52.1
curl curl 7.52.0
curl curl 7.51.0
curl curl 7.50.3
curl curl 7.50.2
curl curl 7.50.1
curl curl 7.50.0
curl curl 7.49.1
curl curl 7.49.0
curl curl 7.48.0
curl curl 7.47.1
curl curl 7.47.0
curl curl 7.46.0
curl curl 7.45.0
curl curl 7.44.0
curl curl 7.43.0
curl curl 7.42.1
curl curl 7.42.0
curl curl 7.41.0
curl curl 7.40.0
curl curl 7.39.0
curl curl 7.38.0
curl curl 7.37.1
curl curl 7.37.0
curl curl 7.36.0
curl curl 7.35.0
curl curl 7.34.0
curl curl 7.33.0
curl curl 7.32.0
curl curl 7.31.0
curl curl 7.30.0
curl curl 7.29.0
curl curl 7.28.1
curl curl 7.28.0
curl curl 7.27.0
curl curl 7.26.0
curl curl 7.25.0
curl curl 7.24.0
curl curl 7.23.1
curl curl 7.23.0
curl curl 7.22.0
curl curl 7.21.7
curl curl 7.21.6
curl curl 7.21.5
curl curl 7.21.4
curl curl 7.21.3
curl curl 7.21.2
curl curl 7.21.1
curl curl 7.21.0
curl curl 7.20.1
curl curl 7.20.0
curl curl 7.19.7
curl curl 7.19.6
curl curl 7.19.5
curl curl 7.19.4
curl curl 7.19.3
curl curl 7.19.2
curl curl 7.19.1
curl curl 7.19.0
curl curl 7.18.2
curl curl 7.18.1
curl curl 7.18.0
curl curl 7.17.1
curl curl 7.17.0
curl curl 7.16.4
curl curl 7.16.3
curl curl 7.16.2
curl curl 7.16.1
curl curl 7.16.0
curl curl 7.15.5
curl curl 7.15.4
curl curl 7.15.3
curl curl 7.15.2
curl curl 7.15.1
curl curl 7.15.0
curl curl 7.14.1
curl curl 7.14.0
curl curl 7.13.2
curl curl 7.13.1
curl curl 7.13.0
curl curl 7.12.3
curl curl 7.12.2
curl curl 7.12.1
curl curl 7.12.0

References

{
    "lastseen": "",
    "description": "Successfully using libcurl to do a transfer over a specific HTTP proxy\n(`proxyA`) with **Digest** authentication and then changing the proxy host to\na second one (`proxyB`) for a second transfer, reusing the same handle, makes\nlibcurl wrongly pass on the `Proxy-Authorization:` header field meant for\n`proxyA`, to `proxyB`.",
    "published": "2026-05-13T08:29:08.900Z",
    "modified": "2026-05-13T14:18:13.718Z",
    "type": "cve",
    "title": "cross-proxy Digest auth state leak",
    "source": "curl",
    "references": "https://curl.se/docs/CVE-2026-7168.json\nhttps://curl.se/docs/CVE-2026-7168.html\nhttps://hackerone.com/reports/3697719",
    "id": "CVE-2026-7168",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "curl curl 8.19.0\ncurl curl 8.18.0\ncurl curl 8.17.0\ncurl curl 8.16.0\ncurl curl 8.15.0\ncurl curl 8.14.1\ncurl curl 8.14.0\ncurl curl 8.13.0\ncurl curl 8.12.1\ncurl curl 8.12.0\ncurl curl 8.11.1\ncurl curl 8.11.0\ncurl curl 8.10.1\ncurl curl 8.10.0\ncurl curl 8.9.1\ncurl curl 8.9.0\ncurl curl 8.8.0\ncurl curl 8.7.1\ncurl curl 8.7.0\ncurl curl 8.6.0\ncurl curl 8.5.0\ncurl curl 8.4.0\ncurl curl 8.3.0\ncurl curl 8.2.1\ncurl curl 8.2.0\ncurl curl 8.1.2\ncurl curl 8.1.1\ncurl curl 8.1.0\ncurl curl 8.0.1\ncurl curl 8.0.0\ncurl curl 7.88.1\ncurl curl 7.88.0\ncurl curl 7.87.0\ncurl curl 7.86.0\ncurl curl 7.85.0\ncurl curl 7.84.0\ncurl curl 7.83.1\ncurl curl 7.83.0\ncurl curl 7.82.0\ncurl curl 7.81.0\ncurl curl 7.80.0\ncurl curl 7.79.1\ncurl curl 7.79.0\ncurl curl 7.78.0\ncurl curl 7.77.0\ncurl curl 7.76.1\ncurl curl 7.76.0\ncurl curl 7.75.0\ncurl curl 7.74.0\ncurl curl 7.73.0\ncurl curl 7.72.0\ncurl curl 7.71.1\ncurl curl 7.71.0\ncurl curl 7.70.0\ncurl curl 7.69.1\ncurl curl 7.69.0\ncurl curl 7.68.0\ncurl curl 7.67.0\ncurl curl 7.66.0\ncurl curl 7.65.3\ncurl curl 7.65.2\ncurl curl 7.65.1\ncurl curl 7.65.0\ncurl curl 7.64.1\ncurl curl 7.64.0\ncurl curl 7.63.0\ncurl curl 7.62.0\ncurl curl 7.61.1\ncurl curl 7.61.0\ncurl curl 7.60.0\ncurl curl 7.59.0\ncurl curl 7.58.0\ncurl curl 7.57.0\ncurl curl 7.56.1\ncurl curl 7.56.0\ncurl curl 7.55.1\ncurl curl 7.55.0\ncurl curl 7.54.1\ncurl curl 7.54.0\ncurl curl 7.53.1\ncurl curl 7.53.0\ncurl curl 7.52.1\ncurl curl 7.52.0\ncurl curl 7.51.0\ncurl curl 7.50.3\ncurl curl 7.50.2\ncurl curl 7.50.1\ncurl curl 7.50.0\ncurl curl 7.49.1\ncurl curl 7.49.0\ncurl curl 7.48.0\ncurl curl 7.47.1\ncurl curl 7.47.0\ncurl curl 7.46.0\ncurl curl 7.45.0\ncurl curl 7.44.0\ncurl curl 7.43.0\ncurl curl 7.42.1\ncurl curl 7.42.0\ncurl curl 7.41.0\ncurl curl 7.40.0\ncurl curl 7.39.0\ncurl curl 7.38.0\ncurl curl 7.37.1\ncurl curl 7.37.0\ncurl curl 7.36.0\ncurl curl 7.35.0\ncurl curl 7.34.0\ncurl curl 7.33.0\ncurl curl 7.32.0\ncurl curl 7.31.0\ncurl curl 7.30.0\ncurl curl 7.29.0\ncurl curl 7.28.1\ncurl curl 7.28.0\ncurl curl 7.27.0\ncurl curl 7.26.0\ncurl curl 7.25.0\ncurl curl 7.24.0\ncurl curl 7.23.1\ncurl curl 7.23.0\ncurl curl 7.22.0\ncurl curl 7.21.7\ncurl curl 7.21.6\ncurl curl 7.21.5\ncurl curl 7.21.4\ncurl curl 7.21.3\ncurl curl 7.21.2\ncurl curl 7.21.1\ncurl curl 7.21.0\ncurl curl 7.20.1\ncurl curl 7.20.0\ncurl curl 7.19.7\ncurl curl 7.19.6\ncurl curl 7.19.5\ncurl curl 7.19.4\ncurl curl 7.19.3\ncurl curl 7.19.2\ncurl curl 7.19.1\ncurl curl 7.19.0\ncurl curl 7.18.2\ncurl curl 7.18.1\ncurl curl 7.18.0\ncurl curl 7.17.1\ncurl curl 7.17.0\ncurl curl 7.16.4\ncurl curl 7.16.3\ncurl curl 7.16.2\ncurl curl 7.16.1\ncurl curl 7.16.0\ncurl curl 7.15.5\ncurl curl 7.15.4\ncurl curl 7.15.3\ncurl curl 7.15.2\ncurl curl 7.15.1\ncurl curl 7.15.0\ncurl curl 7.14.1\ncurl curl 7.14.0\ncurl curl 7.13.2\ncurl curl 7.13.1\ncurl curl 7.13.0\ncurl curl 7.12.3\ncurl curl 7.12.2\ncurl curl 7.12.1\ncurl curl 7.12.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "curl",
    "version": "8.19.0",
    "vendor": "curl",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply