6 matches found
SUSE CVE-2020-8169
curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS servers...
ALPINE-CVE-2020-8169
curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS servers...
SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2020:1733-1)
This update for curl fixes the following issues : CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. CVE-2020-8169: Fixed an issue where could have led to partial password leak over DNS on HTTP...
Security update for curl (important)
openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2020:0883-1 Rating: important References: 1173026 1173027 Cross-References: CVE-2020-8169 CVE-2020-8177 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: Thi...
CURL-CVE-2020-8169 Partial password leak over DNS on HTTP redirect
libcurl can be tricked to prepend a part of the password to the hostname before it resolves it, potentially leaking the partial password over the network and to the DNS servers. libcurl can be given a username and password for HTTP authentication when requesting an HTTP resource - used for HTTP...
Partial password leak over DNS on HTTP redirect
libcurl can be tricked to prepend a part of the password to the hostname before it resolves it, potentially leaking the partial password over the network and to the DNS servers. libcurl can be given a username and password for HTTP authentication when requesting an HTTP resource - used for HTTP...