Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:35327
HistoryApr 29, 2022 - 6:57 a.m.

Authentication Bypass

2022-04-2906:57:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
authentication bypass
curl
remote attacker
impersonation
oauth2-authenticated connections

EPSS

0.002

Percentile

62.2%

curl is vulnerable to authentication bypass. A remote attacker is able to reuse OAUTH2-authenticated connections due to improper verification of credentials during a transfer, which allows the attacker to impersonate another user on the system.