HomeDefault status
unaffected
8.19.0 (semver)
affected
8.18.0 (semver)
affected
8.17.0 (semver)
affected
8.16.0 (semver)
affected
8.15.0 (semver)
affected
8.14.1 (semver)
affected
8.14.0 (semver)
affected
8.13.0 (semver)
affected
8.12.1 (semver)
affected
8.12.0 (semver)
affected
8.11.1 (semver)
affected
8.11.0 (semver)
affected
8.10.1 (semver)
affected
8.10.0 (semver)
affected
8.9.1 (semver)
affected
8.9.0 (semver)
affected
8.8.0 (semver)
affected
8.7.1 (semver)
affected
8.7.0 (semver)
affected
8.6.0 (semver)
affected
8.5.0 (semver)
affected
8.4.0 (semver)
affected
8.3.0 (semver)
affected
8.2.1 (semver)
affected
8.2.0 (semver)
affected
8.1.2 (semver)
affected
8.1.1 (semver)
affected
8.1.0 (semver)
affected
8.0.1 (semver)
affected
8.0.0 (semver)
affected
7.88.1 (semver)
affected
7.88.0 (semver)
affected
7.87.0 (semver)
affected
7.86.0 (semver)
affected
7.85.0 (semver)
affected
7.84.0 (semver)
affected
7.83.1 (semver)
affected
7.83.0 (semver)
affected
7.82.0 (semver)
affected
7.81.0 (semver)
affected
7.80.0 (semver)
affected
7.79.1 (semver)
affected
7.79.0 (semver)
affected
7.78.0 (semver)
affected
7.77.0 (semver)
affected
7.76.1 (semver)
affected
7.76.0 (semver)
affected
7.75.0 (semver)
affected
7.74.0 (semver)
affected
7.73.0 (semver)
affected
7.72.0 (semver)
affected
7.71.1 (semver)
affected
7.71.0 (semver)
affected
7.70.0 (semver)
affected
7.69.1 (semver)
affected
7.69.0 (semver)
affected
7.68.0 (semver)
affected
7.67.0 (semver)
affected
7.66.0 (semver)
affected
7.65.3 (semver)
affected
7.65.2 (semver)
affected
7.65.1 (semver)
affected
7.65.0 (semver)
affected
7.64.1 (semver)
affected
7.64.0 (semver)
affected
7.63.0 (semver)
affected
7.62.0 (semver)
affected
7.61.1 (semver)
affected
7.61.0 (semver)
affected
7.60.0 (semver)
affected
7.59.0 (semver)
affected
7.58.0 (semver)
affected
7.57.0 (semver)
affected
7.56.1 (semver)
affected
7.56.0 (semver)
affected
7.55.1 (semver)
affected
7.55.0 (semver)
affected
7.54.1 (semver)
affected
7.54.0 (semver)
affected
7.53.1 (semver)
affected
7.53.0 (semver)
affected
7.52.1 (semver)
affected
7.52.0 (semver)
affected
7.51.0 (semver)
affected
7.50.3 (semver)
affected
7.50.2 (semver)
affected
7.50.1 (semver)
affected
7.50.0 (semver)
affected
7.49.1 (semver)
affected
7.49.0 (semver)
affected
7.48.0 (semver)
affected
7.47.1 (semver)
affected
7.47.0 (semver)
affected
7.46.0 (semver)
affected
7.45.0 (semver)
affected
7.44.0 (semver)
affected
7.43.0 (semver)
affected
7.42.1 (semver)
affected
7.42.0 (semver)
affected
7.41.0 (semver)
affected
7.40.0 (semver)
affected
7.39.0 (semver)
affected
7.38.0 (semver)
affected
7.37.1 (semver)
affected
7.37.0 (semver)
affected
7.36.0 (semver)
affected
7.35.0 (semver)
affected
7.34.0 (semver)
affected
7.33.0 (semver)
affected
7.32.0 (semver)
affected
7.31.0 (semver)
affected
7.30.0 (semver)
affected
7.29.0 (semver)
affected
7.28.1 (semver)
affected
7.28.0 (semver)
affected
7.27.0 (semver)
affected
7.26.0 (semver)
affected
7.25.0 (semver)
affected
7.24.0 (semver)
affected
7.23.1 (semver)
affected
7.23.0 (semver)
affected
7.22.0 (semver)
affected
7.21.7 (semver)
affected
7.21.6 (semver)
affected
7.21.5 (semver)
affected
7.21.4 (semver)
affected
7.21.3 (semver)
affected
7.21.2 (semver)
affected
7.21.1 (semver)
affected
7.21.0 (semver)
affected
7.20.1 (semver)
affected
7.20.0 (semver)
affected
Description
A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text (via IMAP, SMTP, or POP3), a subsequent request to that same host bypasses the TLS requirement and instead transmit data unencrypted.
Problem types
CWE-319 Cleartext Transmission of Sensitive Information
Product status
8.19.0 (semver)
8.18.0 (semver)
8.17.0 (semver)
8.16.0 (semver)
8.15.0 (semver)
8.14.1 (semver)
8.14.0 (semver)
8.13.0 (semver)
8.12.1 (semver)
8.12.0 (semver)
8.11.1 (semver)
8.11.0 (semver)
8.10.1 (semver)
8.10.0 (semver)
8.9.1 (semver)
8.9.0 (semver)
8.8.0 (semver)
8.7.1 (semver)
8.7.0 (semver)
8.6.0 (semver)
8.5.0 (semver)
8.4.0 (semver)
8.3.0 (semver)
8.2.1 (semver)
8.2.0 (semver)
8.1.2 (semver)
8.1.1 (semver)
8.1.0 (semver)
8.0.1 (semver)
8.0.0 (semver)
7.88.1 (semver)
7.88.0 (semver)
7.87.0 (semver)
7.86.0 (semver)
7.85.0 (semver)
7.84.0 (semver)
7.83.1 (semver)
7.83.0 (semver)
7.82.0 (semver)
7.81.0 (semver)
7.80.0 (semver)
7.79.1 (semver)
7.79.0 (semver)
7.78.0 (semver)
7.77.0 (semver)
7.76.1 (semver)
7.76.0 (semver)
7.75.0 (semver)
7.74.0 (semver)
7.73.0 (semver)
7.72.0 (semver)
7.71.1 (semver)
7.71.0 (semver)
7.70.0 (semver)
7.69.1 (semver)
7.69.0 (semver)
7.68.0 (semver)
7.67.0 (semver)
7.66.0 (semver)
7.65.3 (semver)
7.65.2 (semver)
7.65.1 (semver)
7.65.0 (semver)
7.64.1 (semver)
7.64.0 (semver)
7.63.0 (semver)
7.62.0 (semver)
7.61.1 (semver)
7.61.0 (semver)
7.60.0 (semver)
7.59.0 (semver)
7.58.0 (semver)
7.57.0 (semver)
7.56.1 (semver)
7.56.0 (semver)
7.55.1 (semver)
7.55.0 (semver)
7.54.1 (semver)
7.54.0 (semver)
7.53.1 (semver)
7.53.0 (semver)
7.52.1 (semver)
7.52.0 (semver)
7.51.0 (semver)
7.50.3 (semver)
7.50.2 (semver)
7.50.1 (semver)
7.50.0 (semver)
7.49.1 (semver)
7.49.0 (semver)
7.48.0 (semver)
7.47.1 (semver)
7.47.0 (semver)
7.46.0 (semver)
7.45.0 (semver)
7.44.0 (semver)
7.43.0 (semver)
7.42.1 (semver)
7.42.0 (semver)
7.41.0 (semver)
7.40.0 (semver)
7.39.0 (semver)
7.38.0 (semver)
7.37.1 (semver)
7.37.0 (semver)
7.36.0 (semver)
7.35.0 (semver)
7.34.0 (semver)
7.33.0 (semver)
7.32.0 (semver)
7.31.0 (semver)
7.30.0 (semver)
7.29.0 (semver)
7.28.1 (semver)
7.28.0 (semver)
7.27.0 (semver)
7.26.0 (semver)
7.25.0 (semver)
7.24.0 (semver)
7.23.1 (semver)
7.23.0 (semver)
7.22.0 (semver)
7.21.7 (semver)
7.21.6 (semver)
7.21.5 (semver)
7.21.4 (semver)
7.21.3 (semver)
7.21.2 (semver)
7.21.1 (semver)
7.21.0 (semver)
7.20.1 (semver)
7.20.0 (semver)
Credits
Arkadi Vainbrand
Daniel Stenberg
References
www.openwall.com/lists/oss-security/2026/04/29/7
curl.se/docs/CVE-2026-4873.json (json)
curl.se/docs/CVE-2026-4873.html (www)
hackerone.com/reports/3621851 (issue)