curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.
Published: 2021-04-01T18:15:12.823
Last modified: 2025-06-09T15:15:23.067
Status: Modified
CVSSv3.1: 5.3 (MEDIUM)
CVSSv2 vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSv2 exploitability score: 10.0
CVSSv2 impact score: 2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | haxx | libcurl | ≤ 7.75.0 | Yes |
Operating System | fedoraproject | fedora | 32 | Yes |
Operating System | fedoraproject | fedora | 33 | Yes |
Operating System | fedoraproject | fedora | 34 | Yes |
Application | netapp | hci_management_node | - | Yes |
Application | netapp | solidfire | - | Yes |
Hardware | netapp | hci_compute_node | - | Yes |
Hardware | netapp | hci_storage_node | - | Yes |
Operating System | broadcom | fabric_operating_system | - | Yes |
Operating System | debian | debian_linux | 9.0 | Yes |
Application | siemens | sinec_infrastructure_network_services | < 1.0.1.1 | Yes |
Application | oracle | communications_billing_and_revenue_management | 12.0.0.3.0 | Yes |
Application | oracle | essbase | 21.2 | Yes |
Application | splunk | universal_forwarder | < 8.2.12 | Yes |
Application | splunk | universal_forwarder | < 9.0.6 | Yes |
Application | splunk | universal_forwarder | 9.1.0 | Yes |
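
A defensive check for the leak described above, as an added example that is not part of the original record or of curl's own code: it scans captured request headers for `Referer:` values that still carry URL credentials and returns the stripped form a client should have sent. The function names, host names and the sample capture are constructed for illustration.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed capture of two outgoing requests (not real traffic).
SAMPLE = """\
GET /landing HTTP/1.1
Host: cdn.example.net
User-Agent: curl/7.75.0
Referer: https://alice:s3cret@app.example.com/start?id=7
Accept: */*

GET /next HTTP/1.1
Host: cdn.example.net
Referer: https://app.example.com/u/@bob
"""


def strip_userinfo(url):
    """Return url with any user[:password]@ prefix removed from the authority."""
    parts = urlsplit(url)
    # The userinfo ends at the LAST '@' of the authority, so a password
    # that itself contains '@' is still removed in full.
    host_port = parts.netloc.rpartition("@")[2]
    return urlunsplit(parts._replace(netloc=host_port))


def referer_leaks(request_text):
    """Return [(line_no, redacted_referer)] for Referer headers with credentials."""
    findings = []
    for line_no, line in enumerate(request_text.splitlines(), 1):
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "referer":
            continue
        value = value.strip()
        parts = urlsplit(value)
        # An '@' in the path (second request above) is not userinfo.
        if parts.username is not None or parts.password is not None:
            # Report only the redacted URL so the finding does not repeat the secret.
            findings.append((line_no, strip_userinfo(value)))
    return findings


if __name__ == "__main__":
    for line_no, redacted in referer_leaks(SAMPLE):
        print(f"line {line_no}: Referer carried credentials; expected {redacted}")
```
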