EUVD-2025-32511

In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally...

UBUNTU-CVE-2020-15095

Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "://:@::/". The password value is not redacted and is printed to stdout and also to any generated log files...

FreeBSD libfetch Buffer Overflow Vulnerability

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A buffer overflow vulnerability exists in FreeBSD libfetch. An attacker can exploit this vulnerability to cause a libfetch3 buffer overflow by specifying a URL using a username and/or password component...

CVE-2017-7783

If a long user name is used in a username/password combination in a site URL such as " http://UserName:[email protected]", the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox 55...