PT-2026-51743 · Git · Curl
Published
2026-06-24
·
Updated
2026-06-24
·
CVE-2026-11856
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Successfully using libcurl to do a transfer to a specific HTTP origin
(
hostA) with Digest authentication and then changing the origin to a
different one (hostB) for a second transfer, reusing the same handle, makes
libcurl wrongly pass on the Authorization: header field meant for hostA,
to hostB. Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Curl