EUVD-2022-7062

Malicious code in bioql PyPI...

CVE-2025-46421 Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server

A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect...

Security update for wget

This update for wget fixes the following issues: CVE-2021-31879: Authorization header disclosed upon redirects to different origins. bsc1185551 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

RHEL 6 : wget (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wget: Lack of filename checking allows arbitrary file upload via FTP redirect CVE-2016-4971 - wget:...

RHEL 7 : wget (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wget: Information exposure in setfilemetadata function in xattr.c CVE-2018-20483 - wget: authorization...

CVE-2020-11021

CVE-2020-11021 (Actions Http-Client) : The npm package @actions/http-client, prior to version 1.0.8, can disclose the Authorization header when a request with an Authorization header is redirected (302) to a different domain. The issue arises during redirects across hosts, allowing header leakage...