{"id":"OESA-2026-1191","summary":"curl security update","details":"cURL is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various protocols.\r\n\r\nSecurity Fix(es):\n\nWhen an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer\nperforms a cross-protocol redirect to a second URL that uses an IMAP, LDAP,\nPOP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new\ntarget host.(CVE-2025-14524)\n\nWhen doing TLS related transfers with reused easy or multi handles and\naltering the `CURLSSLOPT_NO_PARTIALCHAIN` option, libcurl could accidentally\nreuse a CA store cached in memory for which the partial chain option was\nreversed. Contrary to the user's wishes and expectations. This could make\nlibcurl find and accept a trust chain that it otherwise would not.(CVE-2025-14819)\n\nWhen doing SSH-based transfers using either SCP or SFTP, and setting the\nknown_hosts file, libcurl could still mistakenly accept connecting to hosts\n*not present* in the specified file if they were added as recognized in the\nlibssh *global* known_hosts file.(CVE-2025-15079)\n\nWhen doing SSH-based transfers using either SCP or SFTP, and asked to do\npublic key authentication, curl would wrongly still ask and authenticate using\na locally running SSH agent.(CVE-2025-15224)","modified":"2026-01-23T12:45:04.061886Z","published":"2026-01-23T12:22:47Z","upstream":["CVE-2025-14524","CVE-2025-14819","CVE-2025-15079","CVE-2025-15224"],"database_specific":{"severity":"Medium"},"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1191"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14524"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14819"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-15079"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-15224"}],"affected":[{"package":{"name":"curl","ecosystem":"openEuler:24.03-LTS-SP2","purl":"pkg:rpm/openEuler/curl&distro=openEuler-24.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.0-26.oe2403sp2"}]}],"ecosystem_specific":{"src":["curl-8.4.0-26.oe2403sp2.src.rpm"],"x86_64":["curl-8.4.0-26.oe2403sp2.x86_64.rpm","curl-debuginfo-8.4.0-26.oe2403sp2.x86_64.rpm","curl-debugsource-8.4.0-26.oe2403sp2.x86_64.rpm","libcurl-8.4.0-26.oe2403sp2.x86_64.rpm","libcurl-devel-8.4.0-26.oe2403sp2.x86_64.rpm"],"aarch64":["curl-8.4.0-26.oe2403sp2.aarch64.rpm","curl-debuginfo-8.4.0-26.oe2403sp2.aarch64.rpm","curl-debugsource-8.4.0-26.oe2403sp2.aarch64.rpm","libcurl-8.4.0-26.oe2403sp2.aarch64.rpm","libcurl-devel-8.4.0-26.oe2403sp2.aarch64.rpm"],"noarch":["curl-help-8.4.0-26.oe2403sp2.noarch.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2026-1191.json"}}],"schema_version":"1.7.3"}