Packages
- curl - HTTP, HTTPS, and FTP client and client libraries
Details
It was discovered that curl incorrectly handled cookies when redirected
from secure to insecure connections. An attacker could possibly use this
issue to cause a denial of service, or obtain sensitive information.
This issue only affected Ubuntu 25.10. (CVE-2025-9086)
Calvin Ruocco discovered that curl did not properly handle WebSocket
communications under certain circumstances. A malicious server could
possibly use this issue to poison proxy caches with malicious content.
This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10.
(CVE-2025-10148)
Stanislav Fort discovered that wcurl did not properly handle URLs with
certain encoded characters. If a user were tricked into processing
a specially crafted URL, an attacker could possibly use this issue to
write files outside the intended directory. This issue only affected
Ubuntu 25.10. (
It was discovered that curl incorrectly handled cookies when redirected
from secure to insecure connections. An attacker could possibly use this
issue to cause a denial of service, or obtain sensitive information.
This issue only affected Ubuntu 25.10. (CVE-2025-9086)
Calvin Ruocco discovered that curl did not properly handle WebSocket
communications under certain circumstances. A malicious server could
possibly use this issue to poison proxy caches with malicious content.
This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10.
(CVE-2025-10148)
Stanislav Fort discovered that wcurl did not properly handle URLs with
certain encoded characters. If a user were tricked into processing
a specially crafted URL, an attacker could possibly use this issue to
write files outside the intended directory. This issue only affected
Ubuntu 25.10. (CVE-2025-11563)
Stanislav Fort discovered that curl did not properly validate pinned
public keys under certain circumstances. A remote attacker could
possibly use this issue to perform a machine-in-the-middle attack. This
issue only affected Ubuntu 25.10.(CVE-2025-13034)
Stanislav Fort discovered that curl did not properly manage TLS options
when performing LDAP over TLS transfers in multi-threaded environments.
Under certain circumstances, certificate verification could be
unintentionally and unknowingly disabled. (CVE-2025-14017)
It was discovered that curl incorrectly handled Oauth2 bearer tokens
when following redirects. A remote attacker could possibly use this
issue to obtain authentication credentials. (CVE-2025-14524)
Stanislav Fort discovered that curl did not properly validate TLS
certificates when reusing connections. A remote attacker could possibly
use this issue to bypass expected certificate verification. This issue
only affected Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-14819)
Harry Sintonen discovered that curl did not properly validate SSH host
keys when performing SSH-based file transfers. This issue could lead to
unintended bypass of custom known_hosts file. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-15079)
Harry Sintonen discovered that curl built with libssh did not properly
handle authentication when performing SSH-based file transfers. This
could result in unintended authentication operations. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-15224)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 25.10 questing | curl – 8.14.1-2ubuntu1.1 | ||
| libcurl3t64-gnutls – 8.14.1-2ubuntu1.1 | |||
| libcurl4-gnutls-dev – 8.14.1-2ubuntu1.1 | |||
| libcurl4-openssl-dev – 8.14.1-2ubuntu1.1 | |||
| libcurl4t64 – 8.14.1-2ubuntu1.1 | |||
| 24.04 LTS noble | curl – 8.5.0-2ubuntu10.7 | ||
| libcurl3t64-gnutls – 8.5.0-2ubuntu10.7 | |||
| libcurl4-gnutls-dev – 8.5.0-2ubuntu10.7 | |||
| libcurl4-openssl-dev – 8.5.0-2ubuntu10.7 | |||
| libcurl4t64 – 8.5.0-2ubuntu10.7 | |||
| 22.04 LTS jammy | curl – 7.81.0-1ubuntu1.22 | ||
| libcurl3-gnutls – 7.81.0-1ubuntu1.22 | |||
| libcurl3-nss – 7.81.0-1ubuntu1.22 | |||
| libcurl4 – 7.81.0-1ubuntu1.22 | |||
| libcurl4-gnutls-dev – 7.81.0-1ubuntu1.22 | |||
| libcurl4-nss-dev – 7.81.0-1ubuntu1.22 | |||
| libcurl4-openssl-dev – 7.81.0-1ubuntu1.22 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.