How severe is CVE-2024-11053?

This vulnerability has a severity rating of LOW with a CVSS score of 3.4 out of 10.

What type of vulnerability is CVE-2024-11053?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2024-11053

LOW Year: 2024

CVSS v3 Score

3.4

Low

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.

CVE-2016-3484

LOW

CVSS:3.4(Low)

Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors.

NVD-CWE-Other2016

CVE-2017-10088

LOW

CVSS:3.4(Low)

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerabili...

NVD-CWE-Other2017

CVE-2018-3136

LOW

CVSS:3.4(Low)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u1...

NVD-CWE-Other2018

CVE-2018-6678

LOW

CVSS:3.4(Low)

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via ...

NVD-CWE-Other2018

CVE-2019-2605

LOW

CVSS:3.4(Low)

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Web Catalog). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 ...

NVD-CWE-Other2019

CVE-2019-2786

LOW

CVSS:3.4(Low)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211...

NVD-CWE-Other2019

CVE-2024-11053

Vulnerability Description

Related Vulnerabilities

CVE-2016-3484

CVE-2017-10088

CVE-2018-3136

CVE-2018-6678

CVE-2019-2605

CVE-2019-2786