VDB
JLSEC-2026-423
JLSEC-2026-423
PUBLISHED
CVSS 5.300000190734863 MEDIUM
curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the...
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | CURL_jll | 8.11.0+0 |
| Julia | LibCURL_jll | 8.11.0+0 |
Timeline
- May 4, 2026 CVE Published
- May 4, 2026 CVE Updated
References
- http://www.openwall.com/lists/oss-security/2025/09/10/2 url
- http://www.openwall.com/lists/oss-security/2025/09/10/3 url
- http://www.openwall.com/lists/oss-security/2025/09/10/4 url
- https://curl.se/docs/CVE-2025-10148.html url
- https://curl.se/docs/CVE-2025-10148.json url
- https://github.com/advisories/GHSA-cxvq-c3r3-8gwq url
- https://hackerone.com/reports/3330839 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-10148 url