CVE-2024-11053
- Source
- https://cve.org/CVERecord?id=CVE-2024-11053
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-11053.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-11053
- Aliases
- Downstream
- Related
- Published
- 2024-12-11T07:34:29.539Z
- Modified
- 2026-05-15T04:08:28.060885853Z
- Severity
-
- 3.4 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N CVSS Calculator
- Summary
- netrc and redirect credential leak
- Details
-
When asked to both use a
.netrcfile for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances.This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.
- Database specific
{ "unresolved_ranges": [ { "source": "AFFECTED_FIELD", "extracted_events": [ { "last_affected": "8.11.0" }, { "last_affected": "8.10.1" }, { "last_affected": "8.10.0" }, { "last_affected": "8.9.1" }, { "last_affected": "8.9.0" }, { "last_affected": "8.8.0" }, { "last_affected": "8.7.1" }, { "last_affected": "8.7.0" }, { "last_affected": "8.6.0" }, { "last_affected": "8.5.0" }, { "last_affected": "8.4.0" }, { "last_affected": "8.3.0" }, { "last_affected": "8.2.1" }, { "last_affected": "8.2.0" }, { "last_affected": "8.1.2" }, { "last_affected": "8.1.1" }, { "last_affected": "8.1.0" }, { "last_affected": "8.0.1" }, { "last_affected": "8.0.0" }, { "last_affected": "7.88.1" }, { "last_affected": "7.88.0" }, { "last_affected": "7.87.0" }, { "last_affected": "7.86.0" }, { "last_affected": "7.85.0" }, { "last_affected": "7.84.0" }, { "last_affected": "7.83.1" }, { "last_affected": "7.83.0" }, { "last_affected": "7.82.0" }, { "last_affected": "7.81.0" }, { "last_affected": "7.80.0" }, { "last_affected": "7.79.1" }, { "last_affected": "7.79.0" }, { "last_affected": "7.78.0" }, { "last_affected": "7.77.0" }, { "last_affected": "7.76.1" }, { "last_affected": "7.76.0" }, { "last_affected": "7.75.0" }, { "last_affected": "7.74.0" }, { "last_affected": "7.73.0" }, { "last_affected": "7.72.0" }, { "last_affected": "7.71.1" }, { "last_affected": "7.71.0" }, { "last_affected": "7.70.0" }, { "last_affected": "7.69.1" }, { "last_affected": "7.69.0" }, { "last_affected": "7.68.0" }, { "last_affected": "7.67.0" }, { "last_affected": "7.66.0" }, { "last_affected": "7.65.3" }, { "last_affected": "7.65.2" }, { "last_affected": "7.65.1" }, { "last_affected": "7.65.0" }, { "last_affected": "7.64.1" }, { "last_affected": "7.64.0" }, { "last_affected": "7.63.0" }, { "last_affected": "7.62.0" }, { "last_affected": "7.61.1" }, { "last_affected": "7.61.0" }, { "last_affected": "7.60.0" }, { "last_affected": "7.59.0" }, { "last_affected": "7.58.0" }, { "last_affected": "7.57.0" }, { "last_affected": "7.56.1" }, { "last_affected": "7.56.0" }, { "last_affected": "7.55.1" }, { "last_affected": "7.55.0" }, { "last_affected": "7.54.1" }, { "last_affected": "7.54.0" }, { "last_affected": "7.53.1" }, { "last_affected": "7.53.0" }, { "last_affected": "7.52.1" }, { "last_affected": "7.52.0" }, { "last_affected": "7.51.0" }, { "last_affected": "7.50.3" }, { "last_affected": "7.50.2" }, { "last_affected": "7.50.1" }, { "last_affected": "7.50.0" }, { "last_affected": "7.49.1" }, { "last_affected": "7.49.0" }, { "last_affected": "7.48.0" }, { "last_affected": "7.47.1" }, { "last_affected": "7.47.0" }, { "last_affected": "7.46.0" }, { "last_affected": "7.45.0" }, { "last_affected": "7.44.0" }, { "last_affected": "7.43.0" }, { "last_affected": "7.42.1" }, { "last_affected": "7.42.0" }, { "last_affected": "7.41.0" }, { "last_affected": "7.40.0" }, { "last_affected": "7.39.0" }, { "last_affected": "7.38.0" }, { "last_affected": "7.37.1" }, { "last_affected": "7.37.0" }, { "last_affected": "7.36.0" }, { "last_affected": "7.35.0" }, { "last_affected": "7.34.0" }, { "last_affected": "7.33.0" }, { "last_affected": "7.32.0" }, { "last_affected": "7.31.0" }, { "last_affected": "7.30.0" }, { "last_affected": "7.29.0" }, { "last_affected": "7.28.1" }, { "last_affected": "7.28.0" }, { "last_affected": "7.27.0" }, { "last_affected": "7.26.0" }, { "last_affected": "7.25.0" }, { "last_affected": "7.24.0" }, { "last_affected": "7.23.1" }, { "last_affected": "7.23.0" }, { "last_affected": "7.22.0" }, { "last_affected": "7.21.7" }, { "last_affected": "7.21.6" }, { "last_affected": "7.21.5" }, { "last_affected": "7.21.4" }, { "last_affected": "7.21.3" }, { "last_affected": "7.21.2" }, { "last_affected": "7.21.1" }, { "last_affected": "7.21.0" }, { "last_affected": "7.20.1" }, { "last_affected": "7.20.0" }, { "last_affected": "7.19.7" }, { "last_affected": "7.19.6" }, { "last_affected": "7.19.5" }, { "last_affected": "7.19.4" }, { "last_affected": "7.19.3" }, { "last_affected": "7.19.2" }, { "last_affected": "7.19.1" }, { "last_affected": "7.19.0" }, { "last_affected": "7.18.2" }, { "last_affected": "7.18.1" }, { "last_affected": "7.18.0" }, { "last_affected": "7.17.1" }, { "last_affected": "7.17.0" }, { "last_affected": "7.16.4" }, { "last_affected": "7.16.3" }, { "last_affected": "7.16.2" }, { "last_affected": "7.16.1" }, { "last_affected": "7.16.0" }, { "last_affected": "7.15.5" }, { "last_affected": "7.15.4" }, { "last_affected": "7.15.3" }, { "last_affected": "7.15.2" }, { "last_affected": "7.15.1" }, { "last_affected": "7.15.0" }, { "last_affected": "7.14.1" }, { "last_affected": "7.14.0" }, { "last_affected": "7.13.2" }, { "last_affected": "7.13.1" }, { "last_affected": "7.13.0" }, { "last_affected": "7.12.3" }, { "last_affected": "7.12.2" }, { "last_affected": "7.12.1" }, { "last_affected": "7.12.0" }, { "last_affected": "7.11.2" }, { "last_affected": "7.11.1" }, { "last_affected": "7.11.0" }, { "last_affected": "7.10.8" }, { "last_affected": "7.10.7" }, { "last_affected": "7.10.6" }, { "last_affected": "7.10.5" }, { "last_affected": "7.10.4" }, { "last_affected": "7.10.3" }, { "last_affected": "7.10.2" }, { "last_affected": "7.10.1" }, { "last_affected": "7.10" }, { "last_affected": "7.9.8" }, { "last_affected": "7.9.7" }, { "last_affected": "7.9.6" }, { "last_affected": "7.9.5" }, { "last_affected": "7.9.4" }, { "last_affected": "7.9.3" }, { "last_affected": "7.9.2" }, { "last_affected": "7.9.1" }, { "last_affected": "7.9" }, { "last_affected": "7.8.1" }, { "last_affected": "7.8" }, { "last_affected": "7.7.3" }, { "last_affected": "7.7.2" }, { "last_affected": "7.7.1" }, { "last_affected": "7.7" }, { "last_affected": "7.6.1" }, { "last_affected": "7.6" }, { "last_affected": "7.5.2" }, { "last_affected": "7.5.1" }, { "last_affected": "7.5" }, { "last_affected": "7.4.2" }, { "last_affected": "7.4.1" }, { "last_affected": "7.4" }, { "last_affected": "7.3" }, { "last_affected": "7.2.1" }, { "last_affected": "7.2" }, { "last_affected": "7.1.1" }, { "last_affected": "7.1" }, { "last_affected": "6.5.2" }, { "last_affected": "6.5.1" }, { "last_affected": "6.5" } ] } ], "cna_assigner": "curl", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/11xxx/CVE-2024-11053.json" }- References
-
- http://www.openwall.com/lists/oss-security/2024/12/11/1
- https://curl.se/docs/CVE-2024-11053.html
- https://curl.se/docs/CVE-2024-11053.json
- https://hackerone.com/reports/2829063
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/11xxx/CVE-2024-11053.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-11053
- https://security.netapp.com/advisory/ntap-20250124-0012/
- https://security.netapp.com/advisory/ntap-20250131-0003/
- https://security.netapp.com/advisory/ntap-20250131-0004/