A vulnerability, which was classified as problematic, was found in follow-redirects up to 1.15.5. Affected is an unknown function of the component Authorization Header Handler. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2024-28849. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.