CVE-2026-3784

ADVISORY - nist

Summary

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection.

EPSS Score⁠: 0.00016 (0.036)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-305⁠

Authentication Bypass by Primary Weakness

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.