Lucene search
+L

5 matches found

astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in curl

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3, or SMTP scheme, curl may incorrectly pass the bearer token to the new target host...

5.3CVSS6.6AI score0.00611EPSS
Exploits1References3
nvd
nvd
added 2026/01/08 10:15 a.m.5 views

CVE-2025-14524

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

5.3CVSS0.00611EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2022/09/23 6:28 p.m.8 views

CVE-2022-32227

A cleartext transmission of sensitive information exists in Rocket.Chat v5, v4.8.2 and v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product...

6.2AI score0.00551EPSS
Exploits1References1
cve
cve
added 2022/09/23 6:28 p.m.340 views

CVE-2022-32227

CVE-2022-32227 affects Rocket.Chat prior to v5, v4.8.2, and v4.7.5, where a user with the permission view-full-other-user-info could access another user’s OAuth tokens via the REST API (users.info). The root cause is cleartext transmission/leak of sensitive OAuth token data. Impact described incl...

6.5CVSS6.2AI score0.00551EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2022/09/23 6:28 p.m.14 views

CVE-2022-32227

A cleartext transmission of sensitive information exists in Rocket.Chat v5, v4.8.2 and v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product...

6.4AI score0.00551EPSS
Exploits1References1
Rows per page
Query Builder