VDB
GCVE-110-MAGEIA-2021-186
GCVE-110-MAGEIA-2021-186
Advisory Published
libcurl does not strip off user credentials from the URL when automatically
populating the Referer: HTTP request header field in outgoing HTTP requests,
and therefore risks leaking sensitive data to the server that is the target of
the second HTTP request. (CVE-2021-22876)
TLS 1.3 session ticket proxy host mixup. (CVE-2021-22890)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | curl | 0 (affected), 7.74.0-1.1.mga8 (unaffected), 0 (affected), 7.74.0-1.1.mga8 (unaffected) | — |
| Mageia | qarte | 0 (affected), 4.14.0-1.mga8 (unaffected) | — |
| Mageia | curl | 0 (affected), 7.71.0-1.2.mga7 (unaffected), 0 (affected), 7.71.0-1.2.mga7 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.