5 matches found
Astra Linux – Vulnerability in curl
When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3, or SMTP scheme, curl may incorrectly pass the bearer token to the new target host...
CVE-2025-14524
When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...
CVE-2022-32227
A cleartext transmission of sensitive information exists in Rocket.Chat v5, v4.8.2 and v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product...
CVE-2022-32227
CVE-2022-32227 affects Rocket.Chat prior to v5, v4.8.2, and v4.7.5, where a user with the permission view-full-other-user-info could access another user’s OAuth tokens via the REST API (users.info). The root cause is cleartext transmission/leak of sensitive OAuth token data. Impact described incl...
CVE-2022-32227
A cleartext transmission of sensitive information exists in Rocket.Chat v5, v4.8.2 and v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product...