FreeBSD VuXML ID: B1194286-958E-11EB-9C34-080027F515EA

curl -- Automatic referer leaks credentials

Published: 2021-03-31 00:00:00
Source: vuxml.freebsd.org

CVSS3: 5.3 Medium
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: LOW
  Integrity Impact: NONE
  Availability Impact: NONE
  Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS2: 5 Medium
  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: NONE
  Availability Impact: NONE
  Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0.012 Low
  Percentile: 85.0%

Daniel Stenberg reports:

    libcurl does not strip off user credentials from the URL when
    automatically populating the Referer: HTTP request header field
    in outgoing HTTP requests, and therefore risks leaking sensitive
    data to the server that is the target of the second HTTP request.

    libcurl automatically sets the Referer: HTTP request header field
    in outgoing HTTP requests if the CURLOPT_AUTOREFERER option is set.
    With the curl tool, it is enabled with --referer ";auto".
Affected packages:

OS       Version  Architecture  Package  Version    Filename
FreeBSD  any      noarch        curl     >= 7.1.1   UNKNOWN
FreeBSD  any      noarch        curl     < 7.76.0   UNKNOWN
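The following is an added illustration, not curl's own code: it models the auto-referer behaviour the advisory describes (the previous URL copied verbatim into Referer) beside a hardened variant that removes the userinfo first, and a check a defender can run over captured outgoing headers or proxy logs. The URLs and hostnames are constructed for the example.

```python
# Added example (not libcurl's code). Models CURLOPT_AUTOREFERER behaviour:
# before the fix the previous URL was reused as-is, so "user:password@" in
# it reached the redirect target; the hardened form strips the userinfo.
from urllib.parse import urlsplit, urlunsplit


def strip_userinfo(url: str) -> str:
    """Return url with any user:password@ removed from the authority part."""
    p = urlsplit(url)
    if p.username is None and p.password is None:
        return url
    host = p.hostname or ""
    if ":" in host:                      # keep IPv6 literals bracketed
        host = f"[{host}]"
    netloc = host if p.port is None else f"{host}:{p.port}"
    return urlunsplit((p.scheme, netloc, p.path, p.query, p.fragment))


def auto_referer(previous_url: str, hardened: bool) -> str:
    """Value placed in Referer when following a redirect from previous_url."""
    return strip_userinfo(previous_url) if hardened else previous_url


def referer_leaks_credentials(header_value: str) -> bool:
    """Detection check: does a captured Referer value still carry userinfo?"""
    p = urlsplit(header_value)
    return p.username is not None or p.password is not None


# Constructed scenario: a request with credentials embedded in the URL is
# redirected to a different host and the client follows with auto-referer on.
FIRST_URL = "https://alice:s3cret@intranet.example:8443/report?id=42"


def headers_sent_to_redirect_target(hardened: bool) -> dict:
    """Request headers the second server would receive in this scenario."""
    return {"Referer": auto_referer(FIRST_URL, hardened)}


if __name__ == "__main__":
    for hardened in (False, True):
        ref = headers_sent_to_redirect_target(hardened)["Referer"]
        print(f"hardened={hardened}: Referer: {ref}  "
              f"leaks_credentials={referer_leaks_credentials(ref)}")
```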
