VDB
JLSEC-2026-419
JLSEC-2026-419
PUBLISHED
CVSS 5.900000095367432 MEDIUM
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's...
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | CURL_jll | 0 |
| Julia | LibCURL_jll | 7.81.0+0 |
Timeline
- May 4, 2026 CVE Published
- May 4, 2026 CVE Updated
References
- http://seclists.org/fulldisclosure/2025/Apr/4 url
- http://seclists.org/fulldisclosure/2025/Apr/5 url
- http://seclists.org/fulldisclosure/2025/Apr/8 url
- http://seclists.org/fulldisclosure/2025/Apr/9 url
- http://seclists.org/fulldisclosure/2025/Apr/10 url
- http://seclists.org/fulldisclosure/2025/Apr/11 url
- http://seclists.org/fulldisclosure/2025/Apr/12 url
- http://seclists.org/fulldisclosure/2025/Apr/13 url
- http://www.openwall.com/lists/oss-security/2024/11/06/2 url
- https://curl.se/docs/CVE-2024-9681.html url
- https://curl.se/docs/CVE-2024-9681.json url
- https://github.com/advisories/GHSA-g337-g667-mjvw url
- https://hackerone.com/reports/2764830 url
- https://nvd.nist.gov/vuln/detail/CVE-2024-9681 url
- https://security.netapp.com/advisory/ntap-20241213-0006 url
- https://security.netapp.com/advisory/ntap-20241213-0006/ url