A vulnerability exists where a new transfer that uses STARTTLS to upgrade the
connection might reuse an existing live connection even though the TLS
configuration mismatches so it should not.
connection might reuse an existing live connection even though the TLS
configuration mismatches so it should not.
Advisories
| Source | ID | Title |
|---|---|---|
Ubuntu USN |
USN-8487-1 | curl vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 03 Jul 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 CWE-311 |
Fri, 03 Jul 2026 10:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 CWE-311 |
Fri, 03 Jul 2026 09:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Curl
Curl curl |
|
| Vendors & Products |
Curl
Curl curl |
Fri, 03 Jul 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability exists where a new transfer that uses STARTTLS to upgrade the connection might reuse an existing live connection even though the TLS configuration mismatches so it should not. | |
| Title | wrong STARTTLS connection reuse | |
| References |
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: curl
Published:
Updated: 2026-07-03T06:14:17.541Z
Reserved: 2026-05-11T07:06:37.906Z
Link: CVE-2026-8286
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-03T20:45:16Z
Weaknesses
No weakness.
Ubuntu USN