Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.4 views

SUSE CVE-2020-8169

curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS servers...

5.3CVSS9.1AI score0.03427EPSS
Exploits1References8
OSV
OSV
added 2020/12/14 8:15 p.m.2 views

ALPINE-CVE-2020-8169

curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS servers...

7.5CVSS6.3AI score0.03427EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2020/07/09 12:0 a.m.34 views

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2020:1733-1)

This update for curl fixes the following issues : CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. CVE-2020-8169: Fixed an issue where could have led to partial password leak over DNS on HTTP...

7.8CVSS6.7AI score0.03427EPSS
Exploits2References7
OPENSUSE Linux
OPENSUSE Linux
added 2020/06/28 12:0 a.m.346 views

Security update for curl (important)

openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2020:0883-1 Rating: important References: 1173026 1173027 Cross-References: CVE-2020-8169 CVE-2020-8177 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: Thi...

7.8CVSS7.5AI score0.03427EPSS
Exploits2References2
OSV
OSV
added 2020/06/24 8:0 a.m.7 views

CURL-CVE-2020-8169 Partial password leak over DNS on HTTP redirect

libcurl can be tricked to prepend a part of the password to the hostname before it resolves it, potentially leaking the partial password over the network and to the DNS servers. libcurl can be given a username and password for HTTP authentication when requesting an HTTP resource - used for HTTP...

7.5CVSS7.5AI score0.03427EPSS
Exploits1
curl security advisories
curl security advisories
added 2020/06/24 8:0 a.m.10 views

Partial password leak over DNS on HTTP redirect

libcurl can be tricked to prepend a part of the password to the hostname before it resolves it, potentially leaking the partial password over the network and to the DNS servers. libcurl can be given a username and password for HTTP authentication when requesting an HTTP resource - used for HTTP...

7.5CVSS7.2AI score0.03427EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder