1. Home
  2. Security Advisories
  3. FreeBSD
  4. FREEBSD:11E36890-D28C-11EC-A06F-D4C9EF517024

[FREEBSD:11E36890-D28C-11EC-A06F-D4C9EF517024] curl -- Multiple vulnerabilities

Severity High
Affected Packages 1
CVEs 6
Info Packages References Vulnerabilities

The curl project reports:

  CVE-2022-27778: curl removes wrong file on error
  CVE-2022-27779: cookie for trailing dot TLD
  CVE-2022-27780: percent-encoded path separator in URL host
  CVE-2022-27781: CERTINFO never-ending busy-loop
  CVE-2022-27782: TLS and SSH connection too eager reuse
  CVE-2022-30115: HSTS bypass via trailing dot
Package Affected Version
pkg:freebsd/curl < 7.83.1
ID
FREEBSD:11E36890-D28C-11EC-A06F-D4C9EF517024
Severity
high
Severity from
CVE-2022-27778
URL
http://vuxml.freebsd.org/freebsd/11e36890-d28c-11ec-a06f-d4c9ef517024.html
Published
2022-05-11T00:00:00
(2 years ago)
Modified
2022-05-13T00:00:00
(2 years ago)
Rights
FreeBSD VuXML Security Team
Other Advisories
Source # ID Name URL
FreeBSD VuXML https://curl.se/docs/security.html
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:freebsd/curl curl < 7.83.1
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date