CVE Vulnerabilities

CVE-2026-8927

Authentication Bypass by Capture-replay

Published: Jul 03, 2026 | Modified: Jul 07, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
7.5 IMPORTANT
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed through proxyB erroneously leaks the Proxy-Authorization: header intended solely for proxyA.

Weakness

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

Affected Software

NameVendorStart VersionEnd Version
CurlHaxx7.12.0 (including)8.21.0 (excluding)
Red Hat Hardened ImagesRedHatrust-main-1.96.1-1.hum1*
CurlUbuntudevel*
CurlUbuntuesm-infra-legacy/trusty*
CurlUbuntuesm-infra-legacy/xenial*
CurlUbuntuesm-infra/bionic*
CurlUbuntuesm-infra/focal*
CurlUbuntujammy*
CurlUbuntunoble*
CurlUbuntuquesting*
CurlUbunturesolute*
CurlUbuntuupstream*

Potential Mitigations

References