{ "schema_version": "1.5.0", "id": "CURL-CVE-2025-15224", "aliases": [ "CVE-2025-15224" ], "summary": "libssh key passphrase bypass without agent set", "modified": "2026-04-25T17:48:46.00Z", "database_specific": { "package": "curl", "affects": "both", "URL": "https://curl.se/docs/CVE-2025-15224.json", "www": "https://curl.se/docs/CVE-2025-15224.html", "issue": "https://hackerone.com/reports/3480925", "CWE": { "id": "CWE-287", "desc": "Improper Authentication" }, "award": { "amount": "505", "currency": "USD" }, "last_affected": "8.17.0", "severity": "Low" }, "published": "2026-01-07T08:00:00.00Z", "affected": [ { "ranges": [ { "type": "SEMVER", "events": [ {"introduced": "7.58.0"}, {"fixed": "8.18.0"} ] }, { "type": "GIT", "repo": "https://github.com/curl/curl.git", "events": [ {"introduced": "c92d2e14cfb0db662f958effd2ac86f995cf1b5a"}, {"fixed": "16d5f2a5660c61cc27bd5f1c7f512391d1c927aa"} ] } ], "versions": [ "8.17.0", "8.16.0", "8.15.0", "8.14.1", "8.14.0", "8.13.0", "8.12.1", "8.12.0", "8.11.1", "8.11.0", "8.10.1", "8.10.0", "8.9.1", "8.9.0", "8.8.0", "8.7.1", "8.7.0", "8.6.0", "8.5.0", "8.4.0", "8.3.0", "8.2.1", "8.2.0", "8.1.2", "8.1.1", "8.1.0", "8.0.1", "8.0.0", "7.88.1", "7.88.0", "7.87.0", "7.86.0", "7.85.0", "7.84.0", "7.83.1", "7.83.0", "7.82.0", "7.81.0", "7.80.0", "7.79.1", "7.79.0", "7.78.0", "7.77.0", "7.76.1", "7.76.0", "7.75.0", "7.74.0", "7.73.0", "7.72.0", "7.71.1", "7.71.0", "7.70.0", "7.69.1", "7.69.0", "7.68.0", "7.67.0", "7.66.0", "7.65.3", "7.65.2", "7.65.1", "7.65.0", "7.64.1", "7.64.0", "7.63.0", "7.62.0", "7.61.1", "7.61.0", "7.60.0", "7.59.0", "7.58.0" ] } ], "credits": [ { "name": "Harry Sintonen", "type": "FINDER" }, { "name": "Harry Sintonen", "type": "REMEDIATION_DEVELOPER" } ], "details": "When doing SSH-based transfers using either SCP or SFTP, and asked to do\npublic key authentication, curl would wrongly still ask and authenticate using\na locally running SSH agent." }