Metrics
Affected Vendors & Products
Thu, 09 Jul 2026 00:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 |
Thu, 09 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat
Redhat hummingbird |
|
| Weaknesses | CWE-201 | |
| CPEs | cpe:/a:redhat:hummingbird:1 | |
| Vendors & Products |
Redhat
Redhat hummingbird |
|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Wed, 08 Jul 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 |
Wed, 08 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 |
Mon, 06 Jul 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 | |
| Metrics |
cvssV3_1
|
Mon, 06 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 |
Sun, 05 Jul 2026 05:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 |
Sat, 04 Jul 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-798 |
Sat, 04 Jul 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-798 |
Sat, 04 Jul 2026 05:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 CWE-639 |
Fri, 03 Jul 2026 10:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Curl
Curl curl |
|
| Vendors & Products |
Curl
Curl curl |
Fri, 03 Jul 2026 10:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 CWE-639 |
Fri, 03 Jul 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Successfully using libcurl to do a transfer to a specific HTTP origin (`hostA`) with **Digest** authentication and then changing the origin to a different one (`hostB`) for a second transfer, reusing the same handle, makes libcurl wrongly pass on the `Authorization:` header field meant for `hostA`, to `hostB`. | |
| Title | cross-origin Digest auth state leak | |
| References |
|
Status: PUBLISHED
Assigner: curl
Published: 2026-07-03T06:13:31.661Z
Updated: 2026-07-06T18:23:52.111Z
Reserved: 2026-06-10T08:59:16.646Z
Link: CVE-2026-11856
Updated: 2026-07-06T18:23:29.315Z
No data.