Описание
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 7.58.0-2ubuntu3.17 |
| devel | released | 7.83.0-1 |
| esm-infra-legacy/trusty | ignored | regressions possible |
| esm-infra/bionic | not-affected | 7.58.0-2ubuntu3.17 |
| esm-infra/focal | not-affected | 7.68.0-1ubuntu2.10 |
| esm-infra/xenial | ignored | regressions possible |
| focal | released | 7.68.0-1ubuntu2.10 |
| impish | released | 7.74.0-1.3ubuntu2.1 |
| jammy | released | 7.81.0-1ubuntu1.1 |
| trusty/esm | ignored | end of ESM support, was ignored [regressions possible] |
Показывать по
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data
A insufficiently protected credentials vulnerability in fixed in curl ...
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3