CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11053

When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.3%

CVSS Severity

CVSS v3 Score 3.4

References

Products affected by CVE-2024-11053

Haxx » Curl » Version: 7.76.0

cpe:2.3:a:haxx:curl:7.76.0
Haxx » Curl » Version: 7.76.1

cpe:2.3:a:haxx:curl:7.76.1
Haxx » Curl » Version: 7.77.0

cpe:2.3:a:haxx:curl:7.77.0
Haxx » Curl » Version: 7.78.0

cpe:2.3:a:haxx:curl:7.78.0
Haxx » Curl » Version: 7.79.0

cpe:2.3:a:haxx:curl:7.79.0
Haxx » Curl » Version: 7.79.1

cpe:2.3:a:haxx:curl:7.79.1
Haxx » Curl » Version: 7.80.0

cpe:2.3:a:haxx:curl:7.80.0
Haxx » Curl » Version: 7.81.0

cpe:2.3:a:haxx:curl:7.81.0
Haxx » Curl » Version: 7.82.0

cpe:2.3:a:haxx:curl:7.82.0
Haxx » Curl » Version: 7.83.0

cpe:2.3:a:haxx:curl:7.83.0
Haxx » Curl » Version: 7.83.1

cpe:2.3:a:haxx:curl:7.83.1
Haxx » Curl » Version: 7.84.0

cpe:2.3:a:haxx:curl:7.84.0
Haxx » Curl » Version: 7.85.0

cpe:2.3:a:haxx:curl:7.85.0
Haxx » Curl » Version: 7.86.0

cpe:2.3:a:haxx:curl:7.86.0
Haxx » Curl » Version: 7.87.0

cpe:2.3:a:haxx:curl:7.87.0
Haxx » Curl » Version: 7.88.0

cpe:2.3:a:haxx:curl:7.88.0
Haxx » Curl » Version: 7.88.1

cpe:2.3:a:haxx:curl:7.88.1
Haxx » Curl » Version: 8.0.0

cpe:2.3:a:haxx:curl:8.0.0
Haxx » Curl » Version: 8.0.1

cpe:2.3:a:haxx:curl:8.0.1
Haxx » Curl » Version: 8.1.0

cpe:2.3:a:haxx:curl:8.1.0
Haxx » Curl » Version: 8.1.1

cpe:2.3:a:haxx:curl:8.1.1
Haxx » Curl » Version: 8.1.2

cpe:2.3:a:haxx:curl:8.1.2
Haxx » Curl » Version: 8.10.0

cpe:2.3:a:haxx:curl:8.10.0
Haxx » Curl » Version: 8.10.1

cpe:2.3:a:haxx:curl:8.10.1
Haxx » Curl » Version: 8.11.0

cpe:2.3:a:haxx:curl:8.11.0
Haxx » Curl » Version: 8.2.0

cpe:2.3:a:haxx:curl:8.2.0
Haxx » Curl » Version: 8.2.1

cpe:2.3:a:haxx:curl:8.2.1
Haxx » Curl » Version: 8.4.0

cpe:2.3:a:haxx:curl:8.4.0
Haxx » Curl » Version: 8.5.0

cpe:2.3:a:haxx:curl:8.5.0
Haxx » Curl » Version: 8.6.0

cpe:2.3:a:haxx:curl:8.6.0
Haxx » Curl » Version: 8.7.0

cpe:2.3:a:haxx:curl:8.7.0
Haxx » Curl » Version: 8.7.1

cpe:2.3:a:haxx:curl:8.7.1
Haxx » Curl » Version: 8.8.0

cpe:2.3:a:haxx:curl:8.8.0
Haxx » Curl » Version: 8.9.0

cpe:2.3:a:haxx:curl:8.9.0
Haxx » Curl » Version: 8.9.1

cpe:2.3:a:haxx:curl:8.9.1
Netapp » Ontap » Version: 9

cpe:2.3:a:netapp:ontap:9
Netapp » Ontap Select Deploy Administration Utility » Version: N/A

cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-
Netapp » H300s » Version: N/A

cpe:2.3:h:netapp:h300s:-
Netapp » H410s » Version: N/A

cpe:2.3:h:netapp:h410s:-
Netapp » H500s » Version: N/A

cpe:2.3:h:netapp:h500s:-
Netapp » H610c » Version: N/A

cpe:2.3:h:netapp:h610c:-
Netapp » H610s » Version: N/A

cpe:2.3:h:netapp:h610s:-
Netapp » H615c » Version: N/A

cpe:2.3:h:netapp:h615c:-
Netapp » H700s » Version: N/A

cpe:2.3:h:netapp:h700s:-
Netapp » Hci Compute Node » Version: N/A

cpe:2.3:h:netapp:hci_compute_node:-
Netapp » Bootstrap Os » Version: N/A

cpe:2.3:o:netapp:bootstrap_os:-
Netapp » H300s Firmware » Version: N/A

cpe:2.3:o:netapp:h300s_firmware:-
Netapp » H410s Firmware » Version: N/A

cpe:2.3:o:netapp:h410s_firmware:-
Netapp » H500s Firmware » Version: N/A

cpe:2.3:o:netapp:h500s_firmware:-
Netapp » H610c Firmware » Version: N/A

cpe:2.3:o:netapp:h610c_firmware:-
Netapp » H610s Firmware » Version: N/A

cpe:2.3:o:netapp:h610s_firmware:-
Netapp » H615c Firmware » Version: N/A

cpe:2.3:o:netapp:h615c_firmware:-
Netapp » H700s Firmware » Version: N/A

cpe:2.3:o:netapp:h700s_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11053

Products

Pricing

Contact Us