CVE-2025-0167
CVE Information
CVE ID
CVE-2025-0167
Severity
LOW
CVSS 3.4
Publish Date
2025-02-05
Description
When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.
Collection Date
2026-01-13
Impact Summary
Affected Hosts
3
Related Incidents
0
Related Alerts
0
Affected Hosts (3)
| Hostname | OS Type | Severity | Total CVEs |
|---|---|---|---|
| inbridge-42 | LINUX | CRITICAL | 142 |
| in-bridge-40 | LINUX | CRITICAL | 392 |
| inbridge-ubt-24 | LINUX | CRITICAL | 2364 |