UBUNTU-CVE-2011-0160

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2011-0160

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2011/UBUNTU-CVE-2011-0160.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2011-0160

Upstream

CVE-2011-0160

Published

2011-03-11T22:55:00Z

Modified

2026-04-22T08:57:54.281793Z

Severity

Ubuntu - medium

Summary

[none]

Details

WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.

References

Affected packages

Ubuntu:16.04:LTS / qtwebkit-source

Package

Name: qtwebkit-source
Purl: pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu11?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.2-0ubuntu10

2.3.2-0ubuntu11

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libqtwebkit-qmlwebkitplugin",
            "binary_version": "2.3.2-0ubuntu11"
        },
        {
            "binary_name": "libqtwebkit4",
            "binary_version": "2.3.2-0ubuntu11"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2011/UBUNTU-CVE-2011-0160.json"