CVE-2022-27780

Related Files

Gentoo Linux Security Advisory 202212-01

Posted Dec 19, 2022

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202212-1 - Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Versions less than 7.86.0 are affected.

tags | advisory, arbitrary, vulnerability, code execution

systems | linux, gentoo

advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22925, CVE-2021-22926, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781

SHA-256 | e297fe6f1bca3eb09660ab5922cdfac1c9a3279734e9e89e74cc758a3e08ac46

Download | Favorite | View

Ubuntu Security Notice USN-5412-1

Posted May 11, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5412-1 - Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. Florian Kohnhuser discovered that curl incorrectly handled returning a TLS server's certificate chain details. A remote attacker could possibly use this issue to cause curl to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2022-27780, CVE-2022-27781, CVE-2022-27782

SHA-256 | 477ec6bff1dfd28bf6df200de8f8540192a02b1e6306fa486d364e719ff4bca8

Download | Favorite | View