CURL-CVE-2025-15224

See a problem?
Please try reporting it to the source first.
Source
https://curl.se/docs/CVE-2025-15224.html
Import Source
https://curl.se/docs/CURL-CVE-2025-15224.json
JSON Data
https://api.test.osv.dev/v1/vulns/CURL-CVE-2025-15224
Aliases
Published
2026-01-07T08:00:00Z
Modified
2026-05-21T06:00:07.282970587Z
Summary
libssh key passphrase bypass without agent set
Details

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent.

Database specific 
{
    "CWE": {
        "id": "CWE-287",
        "desc": "Improper Authentication"
    },
    "severity": "Low",
    "www": "https://curl.se/docs/CVE-2025-15224.html",
    "affects": "both",
    "award": {
        "currency": "USD",
        "amount": "505"
    },
    "URL": "https://curl.se/docs/CVE-2025-15224.json",
    "issue": "https://hackerone.com/reports/3480925",
    "package": "curl",
    "last_affected": "8.17.0"
}
References
Credits
    • Harry Sintonen - FINDER
    • Harry Sintonen - REMEDIATION_DEVELOPER

Affected packages

Git / github.com/curl/curl.git

Affected ranges

Type
SEMVER
Events
Introduced
7.58.0
Fixed
8.18.0
Type
GIT
Repo
https://github.com/curl/curl.git
Events
Introduced
c92d2e14cfb0db662f958effd2ac86f995cf1b5a
Fixed
16d5f2a5660c61cc27bd5f1c7f512391d1c927aa

Affected versions

7.*
7.58.0
7.59.0
7.60.0
7.61.0
7.61.1
7.62.0
7.63.0
7.64.0
7.64.1
7.65.0
7.65.1
7.65.2
7.65.3
7.66.0
7.67.0
7.68.0
7.69.0
7.69.1
7.70.0
7.71.0
7.71.1
7.72.0
7.73.0
7.74.0
7.75.0
7.76.0
7.76.1
7.77.0
7.78.0
7.79.0
7.79.1
7.80.0
7.81.0
7.82.0
7.83.0
7.83.1
7.84.0
7.85.0
7.86.0
7.87.0
7.88.0
7.88.1
8.*
8.0.0
8.0.1
8.1.0
8.1.1
8.1.2
8.10.0
8.10.1
8.11.0
8.11.1
8.12.0
8.12.1
8.13.0
8.14.0
8.14.1
8.15.0
8.16.0
8.17.0
8.2.0
8.2.1
8.3.0
8.4.0
8.5.0
8.6.0
8.7.0
8.7.1
8.8.0
8.9.0
8.9.1
Other
curl-7_58_0
curl-7_59_0
curl-7_60_0
curl-7_61_0
curl-7_61_1
curl-7_62_0
curl-7_63_0
curl-7_64_0
curl-7_64_1
curl-7_65_0
curl-7_65_1
curl-7_65_2
curl-7_65_3
curl-7_66_0
curl-7_67_0
curl-7_68_0
curl-7_69_0
curl-7_69_1
curl-7_70_0
curl-7_71_0
curl-7_71_1
curl-7_72_0
curl-7_73_0
curl-7_74_0
curl-7_75_0
curl-7_76_0
curl-7_76_1
curl-7_77_0
curl-7_78_0
curl-7_79_0
curl-7_79_1
curl-7_80_0
curl-7_81_0
curl-7_82_0
curl-7_83_0
curl-7_83_1
curl-7_84_0
curl-7_85_0
curl-7_86_0
curl-7_87_0
curl-7_88_0
curl-7_88_1
curl-8_0_0
curl-8_0_1
curl-8_10_0
curl-8_10_1
curl-8_11_0
curl-8_11_1
curl-8_12_0
curl-8_12_1
curl-8_13_0
curl-8_14_0
curl-8_14_1
curl-8_15_0
curl-8_16_0
curl-8_17_0
curl-8_1_0
curl-8_1_1
curl-8_1_2
curl-8_2_0
curl-8_2_1
curl-8_3_0
curl-8_4_0
curl-8_5_0
curl-8_6_0
curl-8_7_0
curl-8_7_1
curl-8_8_0
curl-8_9_0
curl-8_9_1
rc-8_18_0-1
rc-8_18_0-2
rc-8_18_0-3
tiny-curl-7_72_0
tiny-curl-8_4_0

Database specific

source 
"https://curl.se/docs/CURL-CVE-2025-15224.json"