HomeDefault status
unaffected
8.18.0 (semver)
affected
8.17.0 (semver)
affected
8.16.0 (semver)
affected
8.15.0 (semver)
affected
8.14.1 (semver)
affected
8.14.0 (semver)
affected
8.13.0 (semver)
affected
8.12.1 (semver)
affected
8.12.0 (semver)
affected
8.11.1 (semver)
affected
8.11.0 (semver)
affected
8.10.1 (semver)
affected
8.10.0 (semver)
affected
8.9.1 (semver)
affected
8.9.0 (semver)
affected
8.8.0 (semver)
affected
8.7.1 (semver)
affected
8.7.0 (semver)
affected
8.6.0 (semver)
affected
8.5.0 (semver)
affected
8.4.0 (semver)
affected
8.3.0 (semver)
affected
8.2.1 (semver)
affected
8.2.0 (semver)
affected
8.1.2 (semver)
affected
8.1.1 (semver)
affected
8.1.0 (semver)
affected
8.0.1 (semver)
affected
8.0.0 (semver)
affected
7.88.1 (semver)
affected
7.88.0 (semver)
affected
7.87.0 (semver)
affected
7.86.0 (semver)
affected
7.85.0 (semver)
affected
7.84.0 (semver)
affected
7.83.1 (semver)
affected
7.83.0 (semver)
affected
7.82.0 (semver)
affected
7.81.0 (semver)
affected
7.80.0 (semver)
affected
7.79.1 (semver)
affected
7.79.0 (semver)
affected
7.78.0 (semver)
affected
7.77.0 (semver)
affected
7.76.1 (semver)
affected
7.76.0 (semver)
affected
7.75.0 (semver)
affected
7.74.0 (semver)
affected
7.73.0 (semver)
affected
7.72.0 (semver)
affected
7.71.1 (semver)
affected
7.71.0 (semver)
affected
7.70.0 (semver)
affected
7.69.1 (semver)
affected
7.69.0 (semver)
affected
7.68.0 (semver)
affected
7.67.0 (semver)
affected
7.66.0 (semver)
affected
7.65.3 (semver)
affected
7.65.2 (semver)
affected
7.65.1 (semver)
affected
7.65.0 (semver)
affected
7.64.1 (semver)
affected
7.64.0 (semver)
affected
7.63.0 (semver)
affected
7.62.0 (semver)
affected
7.61.1 (semver)
affected
7.61.0 (semver)
affected
7.60.0 (semver)
affected
7.59.0 (semver)
affected
7.58.0 (semver)
affected
7.57.0 (semver)
affected
7.56.1 (semver)
affected
7.56.0 (semver)
affected
7.55.1 (semver)
affected
7.55.0 (semver)
affected
7.54.1 (semver)
affected
7.54.0 (semver)
affected
7.53.1 (semver)
affected
7.53.0 (semver)
affected
7.52.1 (semver)
affected
7.52.0 (semver)
affected
7.51.0 (semver)
affected
7.50.3 (semver)
affected
7.50.2 (semver)
affected
7.50.1 (semver)
affected
7.50.0 (semver)
affected
7.49.1 (semver)
affected
7.49.0 (semver)
affected
7.48.0 (semver)
affected
7.47.1 (semver)
affected
7.47.0 (semver)
affected
7.46.0 (semver)
affected
7.45.0 (semver)
affected
7.44.0 (semver)
affected
7.43.0 (semver)
affected
7.42.1 (semver)
affected
7.42.0 (semver)
affected
7.41.0 (semver)
affected
7.40.0 (semver)
affected
7.39.0 (semver)
affected
7.38.0 (semver)
affected
7.37.1 (semver)
affected
7.37.0 (semver)
affected
7.36.0 (semver)
affected
7.35.0 (semver)
affected
7.34.0 (semver)
affected
7.33.0 (semver)
affected
7.32.0 (semver)
affected
7.31.0 (semver)
affected
7.30.0 (semver)
affected
7.29.0 (semver)
affected
7.28.1 (semver)
affected
7.28.0 (semver)
affected
7.27.0 (semver)
affected
7.26.0 (semver)
affected
7.25.0 (semver)
affected
7.24.0 (semver)
affected
7.23.1 (semver)
affected
7.23.0 (semver)
affected
7.22.0 (semver)
affected
7.21.7 (semver)
affected
7.21.6 (semver)
affected
7.21.5 (semver)
affected
7.21.4 (semver)
affected
7.21.3 (semver)
affected
7.21.2 (semver)
affected
7.21.1 (semver)
affected
7.21.0 (semver)
affected
7.20.1 (semver)
affected
7.20.0 (semver)
affected
7.19.7 (semver)
affected
7.19.6 (semver)
affected
7.19.5 (semver)
affected
7.19.4 (semver)
affected
7.19.3 (semver)
affected
7.19.2 (semver)
affected
7.19.1 (semver)
affected
7.19.0 (semver)
affected
7.18.2 (semver)
affected
7.18.1 (semver)
affected
7.18.0 (semver)
affected
7.17.1 (semver)
affected
7.17.0 (semver)
affected
7.16.4 (semver)
affected
7.16.3 (semver)
affected
7.16.2 (semver)
affected
7.16.1 (semver)
affected
7.16.0 (semver)
affected
7.15.5 (semver)
affected
7.15.4 (semver)
affected
7.15.3 (semver)
affected
7.15.2 (semver)
affected
7.15.1 (semver)
affected
7.15.0 (semver)
affected
7.14.1 (semver)
affected
7.14.0 (semver)
affected
7.13.2 (semver)
affected
7.13.1 (semver)
affected
7.13.0 (semver)
affected
7.12.3 (semver)
affected
7.12.2 (semver)
affected
7.12.1 (semver)
affected
7.12.0 (semver)
affected
7.11.2 (semver)
affected
7.11.1 (semver)
affected
7.11.0 (semver)
affected
7.10.8 (semver)
affected
7.10.7 (semver)
affected
7.10.6 (semver)
affected
7.10.5 (semver)
affected
7.10.4 (semver)
affected
7.10.3 (semver)
affected
7.10.2 (semver)
affected
7.10.1 (semver)
affected
7.10 (semver)
affected
7.9.8 (semver)
affected
7.9.7 (semver)
affected
7.9.6 (semver)
affected
7.9.5 (semver)
affected
7.9.4 (semver)
affected
7.9.3 (semver)
affected
7.9.2 (semver)
affected
7.9.1 (semver)
affected
7.9 (semver)
affected
7.8.1 (semver)
affected
7.8 (semver)
affected
7.7.3 (semver)
affected
7.7.2 (semver)
affected
7.7.1 (semver)
affected
7.7 (semver)
affected
Description
curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection.
Problem types
CWE-305 Authentication Bypass by Primary Weakness
Product status
8.18.0 (semver)
8.17.0 (semver)
8.16.0 (semver)
8.15.0 (semver)
8.14.1 (semver)
8.14.0 (semver)
8.13.0 (semver)
8.12.1 (semver)
8.12.0 (semver)
8.11.1 (semver)
8.11.0 (semver)
8.10.1 (semver)
8.10.0 (semver)
8.9.1 (semver)
8.9.0 (semver)
8.8.0 (semver)
8.7.1 (semver)
8.7.0 (semver)
8.6.0 (semver)
8.5.0 (semver)
8.4.0 (semver)
8.3.0 (semver)
8.2.1 (semver)
8.2.0 (semver)
8.1.2 (semver)
8.1.1 (semver)
8.1.0 (semver)
8.0.1 (semver)
8.0.0 (semver)
7.88.1 (semver)
7.88.0 (semver)
7.87.0 (semver)
7.86.0 (semver)
7.85.0 (semver)
7.84.0 (semver)
7.83.1 (semver)
7.83.0 (semver)
7.82.0 (semver)
7.81.0 (semver)
7.80.0 (semver)
7.79.1 (semver)
7.79.0 (semver)
7.78.0 (semver)
7.77.0 (semver)
7.76.1 (semver)
7.76.0 (semver)
7.75.0 (semver)
7.74.0 (semver)
7.73.0 (semver)
7.72.0 (semver)
7.71.1 (semver)
7.71.0 (semver)
7.70.0 (semver)
7.69.1 (semver)
7.69.0 (semver)
7.68.0 (semver)
7.67.0 (semver)
7.66.0 (semver)
7.65.3 (semver)
7.65.2 (semver)
7.65.1 (semver)
7.65.0 (semver)
7.64.1 (semver)
7.64.0 (semver)
7.63.0 (semver)
7.62.0 (semver)
7.61.1 (semver)
7.61.0 (semver)
7.60.0 (semver)
7.59.0 (semver)
7.58.0 (semver)
7.57.0 (semver)
7.56.1 (semver)
7.56.0 (semver)
7.55.1 (semver)
7.55.0 (semver)
7.54.1 (semver)
7.54.0 (semver)
7.53.1 (semver)
7.53.0 (semver)
7.52.1 (semver)
7.52.0 (semver)
7.51.0 (semver)
7.50.3 (semver)
7.50.2 (semver)
7.50.1 (semver)
7.50.0 (semver)
7.49.1 (semver)
7.49.0 (semver)
7.48.0 (semver)
7.47.1 (semver)
7.47.0 (semver)
7.46.0 (semver)
7.45.0 (semver)
7.44.0 (semver)
7.43.0 (semver)
7.42.1 (semver)
7.42.0 (semver)
7.41.0 (semver)
7.40.0 (semver)
7.39.0 (semver)
7.38.0 (semver)
7.37.1 (semver)
7.37.0 (semver)
7.36.0 (semver)
7.35.0 (semver)
7.34.0 (semver)
7.33.0 (semver)
7.32.0 (semver)
7.31.0 (semver)
7.30.0 (semver)
7.29.0 (semver)
7.28.1 (semver)
7.28.0 (semver)
7.27.0 (semver)
7.26.0 (semver)
7.25.0 (semver)
7.24.0 (semver)
7.23.1 (semver)
7.23.0 (semver)
7.22.0 (semver)
7.21.7 (semver)
7.21.6 (semver)
7.21.5 (semver)
7.21.4 (semver)
7.21.3 (semver)
7.21.2 (semver)
7.21.1 (semver)
7.21.0 (semver)
7.20.1 (semver)
7.20.0 (semver)
7.19.7 (semver)
7.19.6 (semver)
7.19.5 (semver)
7.19.4 (semver)
7.19.3 (semver)
7.19.2 (semver)
7.19.1 (semver)
7.19.0 (semver)
7.18.2 (semver)
7.18.1 (semver)
7.18.0 (semver)
7.17.1 (semver)
7.17.0 (semver)
7.16.4 (semver)
7.16.3 (semver)
7.16.2 (semver)
7.16.1 (semver)
7.16.0 (semver)
7.15.5 (semver)
7.15.4 (semver)
7.15.3 (semver)
7.15.2 (semver)
7.15.1 (semver)
7.15.0 (semver)
7.14.1 (semver)
7.14.0 (semver)
7.13.2 (semver)
7.13.1 (semver)
7.13.0 (semver)
7.12.3 (semver)
7.12.2 (semver)
7.12.1 (semver)
7.12.0 (semver)
7.11.2 (semver)
7.11.1 (semver)
7.11.0 (semver)
7.10.8 (semver)
7.10.7 (semver)
7.10.6 (semver)
7.10.5 (semver)
7.10.4 (semver)
7.10.3 (semver)
7.10.2 (semver)
7.10.1 (semver)
7.10 (semver)
7.9.8 (semver)
7.9.7 (semver)
7.9.6 (semver)
7.9.5 (semver)
7.9.4 (semver)
7.9.3 (semver)
7.9.2 (semver)
7.9.1 (semver)
7.9 (semver)
7.8.1 (semver)
7.8 (semver)
7.7.3 (semver)
7.7.2 (semver)
7.7.1 (semver)
7.7 (semver)
Credits
Muhamad Arga Reksapati (HackerOne: nobcoder)
Stefan Eissing
References
www.openwall.com/lists/oss-security/2026/03/11/3
curl.se/docs/CVE-2026-3784.json (json)
curl.se/docs/CVE-2026-3784.html (www)
hackerone.com/reports/3584903 (issue)