2 matches found
CLSA-2026-1773939685 curl: Fix of CVE-2026-3783
CVE-2026-3783: prevent bearer token leak on HTTPS redirect when .netrc contains entries for the redirected host...
DEBIAN-CVE-2026-3783
When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...