CVE-2024-28110

A vulnerability was found in cloudevents/sdk-go. This issue involves using cloudevents.WithRoundTripper to create a cloudevents.Client with an authenticated http.RoundTripper results in the go-sdk leaking credentials to arbitrary endpoints. When the transport is populated with an authenticated...

Go SDK for CloudEvents's use of WithRoundTripper to create a Client leaks credentials

Impact What kind of vulnerability is it? Who is impacted? Using cloudevents.WithRoundTripper to create a cloudevents.Client with an authenticated http.RoundTripper causes the go-sdk to leak credentials to arbitrary endpoints. The relevant code is here also inline, emphasis added: if p.Client == n...

CVE-2023-47312

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2107)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-27774

A vulnerability was found in curl. This security flaw allows leaking credentials to other servers when it follows redirects from auth-protected HTTPS URLs to other protocols and port numbers...

SUSE: Security Advisory (SUSE-SU-2021:14707-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...