{"id":"CURL-CVE-2003-1605","summary":"Proxy Authentication Header Information Leakage","details":"When curl connected to a site via an HTTP proxy with the CONNECT request, the\nuser and password used for the proxy connection was also sent off to the\nremote server.","aliases":["CVE-2003-1605"],"modified":"2024-01-25T02:42:43.485907Z","published":"2003-08-03T08:00:00Z","database_specific":{"severity":"High","last_affected":"7.10.6","affects":"both","www":"https://curl.se/docs/CVE-2003-1605.html","URL":"https://curl.se/docs/CVE-2003-1605.json","CWE":{"id":"CWE-201","desc":"Information Exposure Through Sent Data"},"package":"curl"},"affected":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"4.5"},{"fixed":"7.10.7"}]},{"type":"GIT","repo":"https://github.com/curl/curl.git","events":[{"introduced":"ae1912cb0d494b48d514d937826c9fe83ec96c4d"},{"fixed":"5c2df3e1a4da7b17ae053ee8c4ecef5eb2d30464"}]}],"versions":["7.10.6","7.10.5","7.10.4","7.10.3","7.10.2","7.10.1","7.10","7.9.8","7.9.7","7.9.6","7.9.5","7.9.4","7.9.3","7.9.2","7.9.1","7.9","7.8.1","7.8","7.7.3","7.7.2","7.7.1","7.7","7.6.1","7.6","7.5.2","7.5.1","7.5","7.4.2","7.4.1","7.4","7.3","7.2.1","7.2","7.1.1","7.1","6.5.2","6.5.1","6.5","6.4","6.3.1","6.3","6.2","6.1","6.0","5.11","5.10","5.9.1","5.9","5.8","5.7.1","5.7","5.5.1","5.5","5.4","5.3","5.2.1","5.2","5.0","4.10","4.9","4.8.4","4.8.3","4.8.2","4.8.1","4.8","4.7","4.6","4.5.1","4.5"],"database_specific":{"source":"https://curl.se/docs/CURL-CVE-2003-1605.json"}}],"schema_version":"1.7.3","credits":[{"name":"unknown","type":"FINDER"}]}