exploitDog

GHSA-p2px-rphp-6xx6

Опубликовано: 09 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.

Ссылки

EPSS

Процентиль: 51%

0.0028

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-401

Связанные уязвимости

CVE-2022-40281

CVSS3: 7.5

ubuntu

больше 3 лет назад

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.

CVE-2022-40281

CVSS3: 7.5

nvd

больше 3 лет назад

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.

EPSS

Процентиль: 51%

0.0028

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-401