CVE-2026-3784 PUBLISHED

wrong proxy connection reuse with credentials

Assigner: curl
Reserved: 08.03.2026 Published: 11.03.2026 Updated: 11.03.2026

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection.

Product Status

Vendor	curl
Product	curl
Versions	Default: unaffected affected from 8.18.0 to 8.18.0 (incl.) affected from 8.17.0 to 8.17.0 (incl.) affected from 8.16.0 to 8.16.0 (incl.) affected from 8.15.0 to 8.15.0 (incl.) affected from 8.14.1 to 8.14.1 (incl.) affected from 8.14.0 to 8.14.0 (incl.) affected from 8.13.0 to 8.13.0 (incl.) affected from 8.12.1 to 8.12.1 (incl.) affected from 8.12.0 to 8.12.0 (incl.) affected from 8.11.1 to 8.11.1 (incl.) affected from 8.11.0 to 8.11.0 (incl.) affected from 8.10.1 to 8.10.1 (incl.) affected from 8.10.0 to 8.10.0 (incl.) affected from 8.9.1 to 8.9.1 (incl.) affected from 8.9.0 to 8.9.0 (incl.) affected from 8.8.0 to 8.8.0 (incl.) affected from 8.7.1 to 8.7.1 (incl.) affected from 8.7.0 to 8.7.0 (incl.) affected from 8.6.0 to 8.6.0 (incl.) affected from 8.5.0 to 8.5.0 (incl.) affected from 8.4.0 to 8.4.0 (incl.) affected from 8.3.0 to 8.3.0 (incl.) affected from 8.2.1 to 8.2.1 (incl.) affected from 8.2.0 to 8.2.0 (incl.) affected from 8.1.2 to 8.1.2 (incl.) affected from 8.1.1 to 8.1.1 (incl.) affected from 8.1.0 to 8.1.0 (incl.) affected from 8.0.1 to 8.0.1 (incl.) affected from 8.0.0 to 8.0.0 (incl.) affected from 7.88.1 to 7.88.1 (incl.) affected from 7.88.0 to 7.88.0 (incl.) affected from 7.87.0 to 7.87.0 (incl.) affected from 7.86.0 to 7.86.0 (incl.) affected from 7.85.0 to 7.85.0 (incl.) affected from 7.84.0 to 7.84.0 (incl.) affected from 7.83.1 to 7.83.1 (incl.) affected from 7.83.0 to 7.83.0 (incl.) affected from 7.82.0 to 7.82.0 (incl.) affected from 7.81.0 to 7.81.0 (incl.) affected from 7.80.0 to 7.80.0 (incl.) affected from 7.79.1 to 7.79.1 (incl.) affected from 7.79.0 to 7.79.0 (incl.) affected from 7.78.0 to 7.78.0 (incl.) affected from 7.77.0 to 7.77.0 (incl.) affected from 7.76.1 to 7.76.1 (incl.) affected from 7.76.0 to 7.76.0 (incl.) affected from 7.75.0 to 7.75.0 (incl.) affected from 7.74.0 to 7.74.0 (incl.) affected from 7.73.0 to 7.73.0 (incl.) affected from 7.72.0 to 7.72.0 (incl.) affected from 7.71.1 to 7.71.1 (incl.) affected from 7.71.0 to 7.71.0 (incl.) affected from 7.70.0 to 7.70.0 (incl.) affected from 7.69.1 to 7.69.1 (incl.) affected from 7.69.0 to 7.69.0 (incl.) affected from 7.68.0 to 7.68.0 (incl.) affected from 7.67.0 to 7.67.0 (incl.) affected from 7.66.0 to 7.66.0 (incl.) affected from 7.65.3 to 7.65.3 (incl.) affected from 7.65.2 to 7.65.2 (incl.) affected from 7.65.1 to 7.65.1 (incl.) affected from 7.65.0 to 7.65.0 (incl.) affected from 7.64.1 to 7.64.1 (incl.) affected from 7.64.0 to 7.64.0 (incl.) affected from 7.63.0 to 7.63.0 (incl.) affected from 7.62.0 to 7.62.0 (incl.) affected from 7.61.1 to 7.61.1 (incl.) affected from 7.61.0 to 7.61.0 (incl.) affected from 7.60.0 to 7.60.0 (incl.) affected from 7.59.0 to 7.59.0 (incl.) affected from 7.58.0 to 7.58.0 (incl.) affected from 7.57.0 to 7.57.0 (incl.) affected from 7.56.1 to 7.56.1 (incl.) affected from 7.56.0 to 7.56.0 (incl.) affected from 7.55.1 to 7.55.1 (incl.) affected from 7.55.0 to 7.55.0 (incl.) affected from 7.54.1 to 7.54.1 (incl.) affected from 7.54.0 to 7.54.0 (incl.) affected from 7.53.1 to 7.53.1 (incl.) affected from 7.53.0 to 7.53.0 (incl.) affected from 7.52.1 to 7.52.1 (incl.) affected from 7.52.0 to 7.52.0 (incl.) affected from 7.51.0 to 7.51.0 (incl.) affected from 7.50.3 to 7.50.3 (incl.) affected from 7.50.2 to 7.50.2 (incl.) affected from 7.50.1 to 7.50.1 (incl.) affected from 7.50.0 to 7.50.0 (incl.) affected from 7.49.1 to 7.49.1 (incl.) affected from 7.49.0 to 7.49.0 (incl.) affected from 7.48.0 to 7.48.0 (incl.) affected from 7.47.1 to 7.47.1 (incl.) affected from 7.47.0 to 7.47.0 (incl.) affected from 7.46.0 to 7.46.0 (incl.) affected from 7.45.0 to 7.45.0 (incl.) affected from 7.44.0 to 7.44.0 (incl.) affected from 7.43.0 to 7.43.0 (incl.) affected from 7.42.1 to 7.42.1 (incl.) affected from 7.42.0 to 7.42.0 (incl.) affected from 7.41.0 to 7.41.0 (incl.) affected from 7.40.0 to 7.40.0 (incl.) affected from 7.39.0 to 7.39.0 (incl.) affected from 7.38.0 to 7.38.0 (incl.) affected from 7.37.1 to 7.37.1 (incl.) affected from 7.37.0 to 7.37.0 (incl.) affected from 7.36.0 to 7.36.0 (incl.) affected from 7.35.0 to 7.35.0 (incl.) affected from 7.34.0 to 7.34.0 (incl.) affected from 7.33.0 to 7.33.0 (incl.) affected from 7.32.0 to 7.32.0 (incl.) affected from 7.31.0 to 7.31.0 (incl.) affected from 7.30.0 to 7.30.0 (incl.) affected from 7.29.0 to 7.29.0 (incl.) affected from 7.28.1 to 7.28.1 (incl.) affected from 7.28.0 to 7.28.0 (incl.) affected from 7.27.0 to 7.27.0 (incl.) affected from 7.26.0 to 7.26.0 (incl.) affected from 7.25.0 to 7.25.0 (incl.) affected from 7.24.0 to 7.24.0 (incl.) affected from 7.23.1 to 7.23.1 (incl.) affected from 7.23.0 to 7.23.0 (incl.) affected from 7.22.0 to 7.22.0 (incl.) affected from 7.21.7 to 7.21.7 (incl.) affected from 7.21.6 to 7.21.6 (incl.) affected from 7.21.5 to 7.21.5 (incl.) affected from 7.21.4 to 7.21.4 (incl.) affected from 7.21.3 to 7.21.3 (incl.) affected from 7.21.2 to 7.21.2 (incl.) affected from 7.21.1 to 7.21.1 (incl.) affected from 7.21.0 to 7.21.0 (incl.) affected from 7.20.1 to 7.20.1 (incl.) affected from 7.20.0 to 7.20.0 (incl.) affected from 7.19.7 to 7.19.7 (incl.) affected from 7.19.6 to 7.19.6 (incl.) affected from 7.19.5 to 7.19.5 (incl.) affected from 7.19.4 to 7.19.4 (incl.) affected from 7.19.3 to 7.19.3 (incl.) affected from 7.19.2 to 7.19.2 (incl.) affected from 7.19.1 to 7.19.1 (incl.) affected from 7.19.0 to 7.19.0 (incl.) affected from 7.18.2 to 7.18.2 (incl.) affected from 7.18.1 to 7.18.1 (incl.) affected from 7.18.0 to 7.18.0 (incl.) affected from 7.17.1 to 7.17.1 (incl.) affected from 7.17.0 to 7.17.0 (incl.) affected from 7.16.4 to 7.16.4 (incl.) affected from 7.16.3 to 7.16.3 (incl.) affected from 7.16.2 to 7.16.2 (incl.) affected from 7.16.1 to 7.16.1 (incl.) affected from 7.16.0 to 7.16.0 (incl.) affected from 7.15.5 to 7.15.5 (incl.) affected from 7.15.4 to 7.15.4 (incl.) affected from 7.15.3 to 7.15.3 (incl.) affected from 7.15.2 to 7.15.2 (incl.) affected from 7.15.1 to 7.15.1 (incl.) affected from 7.15.0 to 7.15.0 (incl.) affected from 7.14.1 to 7.14.1 (incl.) affected from 7.14.0 to 7.14.0 (incl.) affected from 7.13.2 to 7.13.2 (incl.) affected from 7.13.1 to 7.13.1 (incl.) affected from 7.13.0 to 7.13.0 (incl.) affected from 7.12.3 to 7.12.3 (incl.) affected from 7.12.2 to 7.12.2 (incl.) affected from 7.12.1 to 7.12.1 (incl.) affected from 7.12.0 to 7.12.0 (incl.) affected from 7.11.2 to 7.11.2 (incl.) affected from 7.11.1 to 7.11.1 (incl.) affected from 7.11.0 to 7.11.0 (incl.) affected from 7.10.8 to 7.10.8 (incl.) affected from 7.10.7 to 7.10.7 (incl.) affected from 7.10.6 to 7.10.6 (incl.) affected from 7.10.5 to 7.10.5 (incl.) affected from 7.10.4 to 7.10.4 (incl.) affected from 7.10.3 to 7.10.3 (incl.) affected from 7.10.2 to 7.10.2 (incl.) affected from 7.10.1 to 7.10.1 (incl.) affected from 7.10 to 7.10 (incl.) affected from 7.9.8 to 7.9.8 (incl.) affected from 7.9.7 to 7.9.7 (incl.) affected from 7.9.6 to 7.9.6 (incl.) affected from 7.9.5 to 7.9.5 (incl.) affected from 7.9.4 to 7.9.4 (incl.) affected from 7.9.3 to 7.9.3 (incl.) affected from 7.9.2 to 7.9.2 (incl.) affected from 7.9.1 to 7.9.1 (incl.) affected from 7.9 to 7.9 (incl.) affected from 7.8.1 to 7.8.1 (incl.) affected from 7.8 to 7.8 (incl.) affected from 7.7.3 to 7.7.3 (incl.) affected from 7.7.2 to 7.7.2 (incl.) affected from 7.7.1 to 7.7.1 (incl.) affected from 7.7 to 7.7 (incl.)

CVE-2026-3784 PUBLISHED

wrong proxy connection reuse with credentials

Product Status

Credits

References

Problem Types