CVE-2026-49129: Curl Meson Build Cwe 918 Cve 2026 49129
Enabling CURLOPT_FOLLOWLOCATION without restricting allowable redirect protocols via CURLOPT_REDIR_PROTOCOLS_STR allows protocol smuggling or unintended SSRF to internal non-HTTP protocols. This application mitigates the issue by depending on libcurl >= 7.85. The current meson.build file specifies a version constraint older than 7.85, which risks re-introduc
greprules fetch cve-2026-49129-curl-meson-build-cwe-918-cve-2026-49129 --engine opengrepDescription
Enabling CURLOPT_FOLLOWLOCATION without restricting allowable redirect protocols via CURLOPT_REDIR_PROTOCOLS_STR allows protocol smuggling or unintended SSRF to internal non-HTTP protocols. This application mitigates the issue by depending on libcurl >= 7.85. The current meson.build file specifies a version constraint older than 7.85, which risks re-introduc
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0