3 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-3783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second...
CLSA-2026-1771663697 curl: Fix of 2 CVEs
CVE-2025-14524: fix OAuth2 bearer token leak on cross-protocol redirect - CVE-2025-15224: fix libssh public-key auth fallback to SSH agent...
Curl 7.33.0 < 8.18.0 OAuth2 Bearer Token Leak (CVE-2025-14524)
The version of curl installed on the remote host is missing a security update. It is, therefore, affected by an information disclosure vulnerability. - When an OAuth2 bearer token is used for an HTTPS transfer that performs a cross-protocol redirect to a second URL using IMAP, LDAP, POP3, or SMTP...