Lucene search
+L

452 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.3 views

EulerOS Virtualization 2.12.0 : python-requests (EulerOS-SA-2026-1515)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to...

5.3CVSS6.5AI score0.00845EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.2 views

Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2026-1515)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.00845EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.2 views

Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2026-1458)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.00845EPSS
Exploits1References2
OSV
OSV
added 2026/03/12 10:4 a.m.3 views

SUSE-SU-2026:20668-1 Security update for curl

This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and netrc bsc1259363. - CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. - CVE-2026-3805: use after free in SMB...

7.5CVSS5.8AI score0.00715EPSS
Exploits4References9
OSV
OSV
added 2026/03/12 9:40 a.m.6 views

SUSE-SU-2026:20722-1 Security update for curl

This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and netrc bsc1259363. - CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. - CVE-2026-3805: use after free in SMB...

7.5CVSS5.8AI score0.00715EPSS
Exploits4References9
Microsoft CVE
Microsoft CVE
added 2026/03/12 8:1 a.m.6 views

token leak with redirect and netrc

...

5.3CVSS5.8AI score0.00333EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/11 11:56 p.m.5 views

CVE-2026-3783

A flaw was found in curl. When an OAuth2 bearer token is used for an HTTPS transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the .netrc file, allowing the bearer token intended for the first host to be sent to the...

5.7CVSS5.7AI score0.00333EPSS
Exploits1References7
OSV
OSV
added 2026/03/11 6:0 p.m.6 views

UBUNTU-CVE-2026-3783

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.3CVSS7.3AI score0.00333EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/03/11 4:18 p.m.4 views

SUSE CVE-2026-3783

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

4.7CVSS5.8AI score0.00333EPSS
Exploits1References12
Snyk
Snyk
added 2026/03/11 12:43 p.m.6 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials which can be leaked from outputauthheaders when redirecting with an OAuth2 bearer token. If a hostname that is the target of a redirect matches an entry in the .netrc file with either the machine or...

7.1CVSS5.8AI score0.00333EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/11 12:31 p.m.4 views

EUVD-2026-11138

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.3CVSS5.8AI score0.00333EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2026/03/11 12:11 p.m.8 views

USN-8084-1: curl vulnerabilities

Zhicheng Chen discovered that curl could incorrectly reuse the wrong connection for Negotiate-authenticated HTTP or HTTPS requests. This could result in the use of credentials from a different connection, contrary to expectations. CVE-2026-1965 It was discovered that curl incorrectly leaked OAuth...

7.5CVSS7.3AI score0.00715EPSS
Exploits5
NVD
NVD
added 2026/03/11 11:16 a.m.8 views

CVE-2026-3783

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.3CVSS0.00333EPSS
Exploits1References4
OSV
OSV
added 2026/03/11 11:16 a.m.6 views

DEBIAN-CVE-2026-3783

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.3CVSS7.7AI score0.00333EPSS
Exploits1References1
OSV
OSV
added 2026/03/11 11:16 a.m.7 views

ALPINE-CVE-2026-3783

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.3CVSS5.8AI score0.00333EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/03/11 10:9 a.m.7 views

CVE-2026-3783

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.3CVSS7.7AI score0.00333EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/11 10:9 a.m.11 views

CVE-2026-3783

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.3CVSS5.8AI score0.00333EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/11 10:9 a.m.30 views

CVE-2026-3783 token leak with redirect and netrc

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

0.00333EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/03/11 10:9 a.m.5 views

CVE-2026-3783

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.3CVSS5.8AI score0.00333EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/11 10:9 a.m.3 views

CVE-2026-3783 token leak with redirect and netrc

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

5.8AI score0.00333EPSS
Exploits1References3
Rows per page
Query Builder