N/A

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

N/A

不充分的凭证保护机制

curl 信息泄露漏洞

curl是一款用于从服务器传输数据或向服务器传输数据的工具。 curl 存在信息泄露漏洞，该漏洞源于当它遵循从受身份验证保护的 HTTP(S) URL 到其他协议和端口号的重定向时，此安全漏洞允许将凭据泄露给其他服务器。

N/A

N/A