CVE-2024-11053

When asked to both use a `.netrc` file for credentials and to follow HTTP
redirects, curl could leak the password used for the first host to the
followed-to host under certain circumstances.

This flaw only manifests itself if the netrc file has an entry that matches
the redirect target hostname but the entry either omits just the password or
omits both login and password.
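As an added example (not from the curl project or this advisory), a small Python audit that parses a .netrc file and lists the entries in the trigger condition described above, so a defender can find netrc files that would expose an affected curl to the leak when it follows a redirect. The tokenizer, the constructed sample file and the lookup rule (first exact `machine` match, else `default`) are this example's own simplifying assumptions; `macdef` blocks are not handled.

```python
from __future__ import annotations
import shlex
from dataclasses import dataclass

@dataclass
class NetrcEntry:
    machine: str            # hostname, or "default" for the catch-all entry
    login: str | None = None
    password: str | None = None

def parse_netrc(text: str) -> list[NetrcEntry]:
    # Minimal .netrc tokenizer: machine/default open an entry; login/user, password
    # and account take one argument. macdef blocks are not handled (simplification).
    tokens = shlex.split(text)
    entries: list[NetrcEntry] = []
    cur, i = None, 0
    while i < len(tokens):
        tok = tokens[i]
        if tok in ("machine", "default"):
            cur = NetrcEntry(tokens[i + 1].lower() if tok == "machine" else "default")
            entries.append(cur)
            i += 2 if tok == "machine" else 1
        elif tok in ("login", "user", "password") and cur is not None:
            setattr(cur, "login" if tok != "password" else "password", tokens[i + 1])
            i += 2
        else:                 # "account <x>" or an unknown token: skip it
            i += 2 if tok == "account" else 1
    return entries

def incomplete_entries(entries: list[NetrcEntry]) -> list[str]:
    # Trigger condition from the advisory: an entry for the host exists but has no
    # password (with or without a login); a redirect there is where the leak can happen.
    return [e.machine for e in entries if e.password is None]

def entry_for_redirect(entries: list[NetrcEntry], host: str):
    # Entry consulted for a redirect target. Assumed lookup rule: first exact
    # machine match, else the default entry. Returns (entry name, is_incomplete).
    for e in entries:
        if e.machine == host.lower():
            return e.machine, e.password is None
    dflt = next((e for e in entries if e.machine == "default"), None)
    return ("default", dflt.password is None) if dflt else (None, False)

# Constructed sample .netrc (not a real file): two entries lack a password.
SAMPLE_NETRC = """\
machine api.example.com login alice password s3cret
machine cdn.example.com login alice
machine files.example.com
default login guest password guest
"""
```

Run `incomplete_entries(parse_netrc(open("~/.netrc").read()))` against a real file to list the hosts whose entries should get a password or be removed before curl is used with `--netrc` and `-L`.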
Provider   Type  Base Score  Atk. Vector  Atk. Complexity  Priv. Required  Vector
NIST       NIST  3.4 LOW     NETWORK      HIGH             NONE            CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
curl       CNA   ---         ---          ---              ---             ---
CVE        ADP   ---         ---          ---              ---             ---
CISA-ADP   ADP   3.4 LOW     NETWORK      HIGH             NONE            CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
NVD status: Awaiting analysis (this vulnerability is currently awaiting analysis).
EPSS Score: Percentile 37%
Debian Releases

Debian Product  Codename             Version              Status
curl            bullseye             7.74.0-1.3+deb11u13  not-affected
curl            bullseye (security)  7.74.0-1.3+deb11u14  fixed
curl            bookworm             7.88.1-10+deb12u12   fixed
curl            bookworm (security)  ---                  vulnerable
curl            sid                  8.13.0-5             fixed
curl            trixie               8.13.0-5             fixed
Ubuntu Releases

Ubuntu Product  Codename  Fix                       Status
curl            plucky    Fixed 8.11.1-1ubuntu1     released
curl            oracular  Fixed 8.9.1-2ubuntu2.2    released
curl            noble     Fixed 8.5.0-2ubuntu10.6   released
curl            jammy     Fixed 7.81.0-1ubuntu1.20  released
curl            focal     Fixed 7.68.0-1ubuntu2.25  released
curl            bionic    ---                       needs-triage
curl            xenial    ---                       needs-triage
curl            trusty    ---                       needs-triage