Количество 11
Количество 11
GHSA-g897-jvjx-78vg
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.
CVE-2025-14524
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.
CVE-2025-14524
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.
CVE-2025-14524
bearer token leak on cross-protocol redirect
CVE-2025-14524
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that ...
BDU:2026-02955
Уязвимость программного средства для взаимодействия с серверами cURL, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации
ROS-20260129-73-0066
Уязвимость curl
SUSE-SU-2026:0066-1
Security update for curl
SUSE-SU-2026:0052-1
Security update for curl
SUSE-SU-2026:0050-1
Security update for curl
openSUSE-SU-2026:20031-1
Security update for curl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-g897-jvjx-78vg When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-14524 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-14524 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-14524 bearer token leak on cross-protocol redirect | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
| CVE-2025-14524 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that ... | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | BDU:2026-02955 Уязвимость программного средства для взаимодействия с серверами cURL, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | ROS-20260129-73-0066 Уязвимость curl | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
 | SUSE-SU-2026:0066-1 Security update for curl | 3 месяца назад | ||
| SUSE-SU-2026:0052-1 Security update for curl | 3 месяца назад | ||
| SUSE-SU-2026:0050-1 Security update for curl | 3 месяца назад | ||
| openSUSE-SU-2026:20031-1 Security update for curl | 3 месяца назад |
Уязвимостей на страницу