Debian Security Advisory DSA 3240-1 (curl - security update)
It was discovered that cURL, an URL transfer library, if configured to use a proxy server with the HTTPS protocol, by default could send to the proxy the same HTTP headers it sends to the destination server, possibly leaking sensitive information. OpenVAS Vulnerability Test $Id: deb3240.nasl 6609...