Lucene search
K

4 matches found

OSV
OSV
added 2026/05/13 1:1 p.m.7 views

ALPINE-CVE-2026-6253

curl might erroneously pass on credentials for a first proxy to a second proxy. This can happen when the following conditions are true: 1. curl is setup to use specific different proxies for different URL schemes 2. the first proxy needs credentials 3. the second proxy uses no credentials 4. whil...

5.9CVSS5.5AI score0.00639EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:28 a.m.13 views

CVE-2026-6253

curl might erroneously pass on credentials for a first proxy to a second proxy. This can happen when the following conditions are true: 1. curl is setup to use specific different proxies for different URL schemes 2. the first proxy needs credentials 3. the second proxy uses no credentials 4. whil...

5.8AI score0.00639EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.6 views

Curl 7.14.1 < 8.20.0 Proxy Credential Disclosure

The version of curl installed on the remote host is 7.14.1 prior to 8.20.0. It is, therefore, affected by a proxy credential disclosure vulnerability: - curl might erroneously pass on credentials for a first proxy to a second proxy. This flaw occurs when different proxies are configured for...

5.9CVSS5.8AI score0.00639EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/29 12:0 a.m.5 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials via improper handling of proxy authentication during redirects when distinct proxies are configured for different URL schemes. An attacker can obtain sensitive proxy credentials by intercepting traff...

8.2CVSS5.8AI score0.00639EPSS
Exploits1References2
Rows per page
Query Builder