0.007 Low
EPSS
Percentile
79.6%
curl is vulnerable to information disclosure. The vulnerability exists as a part of a password may be prepended to the host name before the host name is resolved, leading to a leak of the partial password over the network and to DNS servers.
access.redhat.com/security/cve/cve-2020-8169
cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf
cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
curl.se/docs/CVE-2020-8169.html
hackerone.com/reports/874778
www.debian.org/security/2021/dsa-4881