UBUNTU-CVE-2012-0647

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2012-0647

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-0647.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2012-0647

Upstream

CVE-2012-0647

Published

2012-03-12T21:55:00Z

Modified

2026-04-22T09:11:06.742101Z

Severity

Ubuntu - medium

Summary

[none]

Details

WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.

References

Affected packages

Ubuntu:16.04:LTS / qtwebkit-source

Package

Name: qtwebkit-source
Purl: pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu11?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.2-0ubuntu10

2.3.2-0ubuntu11

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.3.2-0ubuntu11",
            "binary_name": "libqtwebkit-qmlwebkitplugin"
        },
        {
            "binary_version": "2.3.2-0ubuntu11",
            "binary_name": "libqtwebkit4"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-0647.json"