aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
aria2 project aria2 1.33.1 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
fedoraproject fedora 28 |
||
fedoraproject fedora 29 |
||
fedoraproject fedora 30 |
||
canonical ubuntu linux 18.10 |
||
canonical ubuntu linux 19.04 |