*** vuln.xml Fri Apr 9 12:11:19 2021 --- vuln-20210409.xml Fri Apr 9 12:09:31 2021 *************** *** 80 **** --- 81,113 ---- + + Curl -- two vulnerabilities + + + curl + 7.76.0 + + + + +

Daniel Stenberg reports:

+
+
CVE-2021-22876: strip credentials from the auto-referer header + field
+
CVE-2021-22890: add 'isproxy' argument to + Curl_ssl_get/addsessionid()
+
+

+ + + + https://curl.se/docs/CVE-2021-22890.html + https://curl.se/docs/CVE-2021-22876.html + CVE-2021-22890 + CVE-2021-22876 + + + 2021-03-31 + 2021-04-09 + + +