Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Haxx cURL和libcurl 信息泄露漏洞
Vulnerability Description
Haxx curl和libcurl都是瑞典Haxx公司的产品。curl是一套利用URL语法在命令行下工作的文件传输工具。libcurl是一个免费、开源的客户端URL传输库。 Haxx cURL和libcurl 7.40.0版本至7.42.1版本中存在安全漏洞,该漏洞源于程序重新使用重置连接句柄向相同的主机名发送请求时,会发送之前的HTTP Basic身份验证证书。远程攻击者可利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A