GHSA-vw2x-3w8j-rq82CriticalCVSS 9.1
When asking curl to use a `.netrc` file to find credentials and at the same time specifying a URL...
🔗 CVE IDs covered (1)
📋 Description
When asking curl to use a .netrc file to find credentials and at the same
time specifying a URL with a username(without a password), like
https://[email protected]/, curl could wrongly get and use the password for
another user set in the .netrc file for that host if such a one exists and
there is no match for the specified user.