Curl 7.83.0 Patch: Vulnerability in HTTP Redirects Leaking Authentication and Cookie Header Data

Curl 7.83.0 Patch: Vulnerability in HTTP Redirects Leaking Authentication and Cookie Header Data

CVE-2022-27776 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

Learn more about our Web Application Penetration Testing UK.