Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-27774

Опубликовано: 02 июн. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 3.5
CVSS3: 5.7

Описание

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

РелизСтатусПримечание
bionic

released

7.58.0-2ubuntu3.17
devel

released

7.83.0-1
esm-infra-legacy/trusty

ignored

regressions likely
esm-infra/bionic

released

7.58.0-2ubuntu3.17
esm-infra/focal

released

7.68.0-1ubuntu2.10
esm-infra/xenial

ignored

regressions likely
focal

released

7.68.0-1ubuntu2.10
impish

released

7.74.0-1.3ubuntu2.1
jammy

released

7.81.0-1ubuntu1.1
trusty/esm

ignored

end of ESM support, was ignored [regressions likely]

Показывать по

Ссылки на источники

EPSS

Процентиль: 53%
0.00302
Низкий

3.5 Low

CVSS2

5.7 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-27774

CVSS3: 5
redhat
больше 3 лет назад

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

nvd логотип

CVE-2022-27774

CVSS3: 5.7
nvd
больше 3 лет назад

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

msrc логотип

CVE-2022-27774

CVSS3: 5.7
msrc
больше 3 лет назад

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

debian логотип

CVE-2022-27774

CVSS3: 5.7
debian
больше 3 лет назад

An insufficiently protected credentials vulnerability exists in curl 4 ...

github логотип

GHSA-7xmh-mw7w-rr97

CVSS3: 5.7
github
больше 3 лет назад

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

EPSS

Процентиль: 53%
0.00302
Низкий

3.5 Low

CVSS2

5.7 Medium

CVSS3