Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
netrc and redirect credential leak
Vulnerability Description
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
curl 安全漏洞
Vulnerability Description
curl是cURL开源的一款用于从服务器传输数据或向服务器传输数据的工具。 curl存在安全漏洞,该漏洞源于会在某些情况下将第一个主机使用的密码泄露给后续主机。
CVSS Information
N/A
Vulnerability Type
N/A