[FREEBSD:11E36890-D28C-11EC-A06F-D4C9EF517024] curl -- Multiple vulnerabilities
Severity
High
Affected Packages
1
CVEs
6
The curl project reports:
CVE-2022-27778: curl removes wrong file on error
CVE-2022-27779: cookie for trailing dot TLD
CVE-2022-27780: percent-encoded path separator in URL host
CVE-2022-27781: CERTINFO never-ending busy-loop
CVE-2022-27782: TLS and SSH connection too eager reuse
CVE-2022-30115: HSTS bypass via trailing dot
Package | Affected Version |
---|---|
pkg:freebsd/curl | < 7.83.1 |
- ID
- FREEBSD:11E36890-D28C-11EC-A06F-D4C9EF517024
- Severity
- high
- Severity from
- CVE-2022-27778
- URL
- http://vuxml.freebsd.org/freebsd/11e36890-d28c-11ec-a06f-d4c9ef517024.html
- Published
-
2022-05-11T00:00:00
(2 years ago) - Modified
-
2022-05-13T00:00:00
(2 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS-2022-1646
- ALAS2-2022-1808
- ALAS2-2023-1924
- ALPINE:CVE-2022-27778
- ALPINE:CVE-2022-27779
- ALPINE:CVE-2022-27780
- ALPINE:CVE-2022-27781
- ALPINE:CVE-2022-27782
- ALPINE:CVE-2022-30115
- ALSA-2022:5313
- CURL-CVE-2022-27778
- CURL-CVE-2022-27779
- CURL-CVE-2022-27780
- CURL-CVE-2022-27781
- CURL-CVE-2022-27782
- CURL-CVE-2022-30115
- DSA-5197-1
- ELSA-2022-5245
- ELSA-2022-5313
- FEDORA-2022-3d8f00cde2
- FEDORA-2022-8277bef335
- FEDORA-2022-d15a736748
- FREEBSD:8E150606-08C9-11ED-856E-D4C9EF517024
- GLSA-202212-01
- MS:CVE-2022-27778
- MS:CVE-2022-27779
- MS:CVE-2022-27780
- MS:CVE-2022-27781
- MS:CVE-2022-27782
- MS:CVE-2022-30115
- RHSA-2022:5245
- RHSA-2022:5313
- RLSA-2022:5313
- SSA:2022-131-01
- SUSE-SU-2022:1733-1
- SUSE-SU-2022:1805-1
- SUSE-SU-2022:1870-1
- SUSE-SU-2022:2813-1
- SUSE-SU-2022:2829-1
- USN-5412-1
- USN-5499-1
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://curl.se/docs/security.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/curl | curl | < 7.83.1 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |