Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-22576

Опубликовано: 26 мая 2022
Источник: ubuntu
Приоритет: medium
CVSS2: 5.5
CVSS3: 8.1

Описание

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).

РелизСтатусПримечание
bionic

released

7.58.0-2ubuntu3.17
devel

released

7.83.0-1
esm-infra-legacy/trusty

ignored

not-in-code
esm-infra/bionic

not-affected

7.58.0-2ubuntu3.17
esm-infra/focal

not-affected

7.68.0-1ubuntu2.10
esm-infra/xenial

ignored

not-in-code
focal

released

7.68.0-1ubuntu2.10
impish

released

7.74.0-1.3ubuntu2.1
jammy

released

7.81.0-1ubuntu1.1
trusty/esm

ignored

end of ESM support, was ignored [not-in-code]

Показывать по

Ссылки на источники

5.5 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-22576

CVSS3: 8.1
redhat
около 3 лет назад

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).

nvd логотип

CVE-2022-22576

CVSS3: 8.1
nvd
около 3 лет назад

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).

msrc логотип

CVE-2022-22576

CVSS3: 8.1
msrc
около 3 лет назад

Описание отсутствует

debian логотип

CVE-2022-22576

CVSS3: 8.1
debian
около 3 лет назад

An improper authentication vulnerability exists in curl 7.33.0 to and ...

github логотип

GHSA-2r69-696x-qxj9

CVSS3: 8.1
github
около 3 лет назад

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).

5.5 Medium

CVSS2

8.1 High

CVSS3