Insufficiently Protected Credentials
A insufficiently protected credentials vulnerability in curl might leak authentication or cookie header data on HTTP redirects to the same host but another port number. This issue affects versions 4.9 through 7.82.0.
CWE-522 - Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.