|
|
Subscribe / Log in / New account

curl: information leak

Package(s):curl CVE #(s):CVE-2015-3153
Created:April 30, 2015 Updated:May 28, 2015
Description: From the Debian advisory:

It was discovered that cURL, an URL transfer library, if configured to use a proxy server with the HTTPS protocol, by default could send to the proxy the same HTTP headers it sends to the destination server, possibly leaking sensitive information.

Alerts:
openSUSE openSUSE-SU-2015:0861-1 curl 2015-05-12
Ubuntu USN-2591-1 curl 2015-04-30
Debian DSA-3240-1 curl 2015-04-29
Arch Linux ASA-201505-20 curl 2015-05-28
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds