CVE-2026-8927
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
03/07/2026
Última modificación:
03/07/2026
Descripción
*** Pendiente de traducción *** When reusing a libcurl handle for sequential transfers driven by<br />
environment-variable proxy configuration, libcurl fails to clear the proxy<br />
authentication state between requests. Specifically, if the initial transfer<br />
authenticates against `proxyA` using Digest auth, a subsequent transfer routed<br />
through `proxyB` erroneously leaks the `Proxy-Authorization:` header intended<br />
solely for `proxyA`.



