[FEDORA-2022-39688a779d] Fedora 35: curl
Severity
Critical
Affected Packages
1
CVEs
4
- url: use IDN decoded names for HSTS checks (CVE-2022-42916) - http_proxy: restore the protocol pointer on error (CVE-2022-42915) - netrc: replace XXXXX with Curl_get_line (CVE-2022-35260) - fix POST following PUT confusion (CVE-2022-32221)
Package | Affected Version |
---|---|
pkg:rpm/fedora/curl?distro=fedora-35 | < 7.79.1.7.fc35 |
- ID
- FEDORA-2022-39688a779d
- Severity
- critical
- Severity from
- CVE-2022-32221
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2022-39688a779d
- Published
-
2022-11-10T16:21:52
(22 months ago) - Modified
-
2022-11-10T16:21:52
(22 months ago) - Rights
- Copyright 2022 Red Hat, Inc.
- Other Advisories
-
- ALAS2-2022-1882
- ALPINE:CVE-2022-32221
- ALPINE:CVE-2022-35260
- ALPINE:CVE-2022-42915
- ALPINE:CVE-2022-42916
- ALSA-2023:0333
- CURL-CVE-2022-32221
- CURL-CVE-2022-35260
- CURL-CVE-2022-42915
- CURL-CVE-2022-42916
- DSA-5330-1
- ELSA-2023-0333
- FEDORA-2022-e9d65906c4
- FREEBSD:0F99A30C-7B4B-11ED-9168-080027F5FEC9
- FREEBSD:DC49F6DC-99D2-11ED-86E9-D4C9EF517024
- GLSA-202212-01
- MS:CVE-2022-42915
- MS:CVE-2022-42916
- RHSA-2023:0333
- RLSA-2023:0333
- SSA:2022-299-01
- SUSE-SU-2022:3769-1
- SUSE-SU-2022:3770-1
- SUSE-SU-2022:3772-1
- SUSE-SU-2022:3773-1
- SUSE-SU-2022:3774-1
- SUSE-SU-2022:3785-1
- USN-5702-1
- USN-5702-2
- USN-5823-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2137780 | Bug #2137780 - CVE-2022-32221 curl: POST following PUT confusion [fedora-all] | https://bugzilla.redhat.com/show_bug.cgi?id=2137780 |
Bugzilla | 2138111 | Bug #2138111 - CVE-2022-42915 curl: HTTP proxy double-free [fedora-all] | https://bugzilla.redhat.com/show_bug.cgi?id=2138111 |
Bugzilla | 2137769 | Bug #2137769 - CVE-2022-42916 curl: HSTS bypass via IDN [fedora-all] | https://bugzilla.redhat.com/show_bug.cgi?id=2137769 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/curl?distro=fedora-35 | fedora | curl | < 7.79.1.7.fc35 | fedora-35 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |