CVE-2022-27776

Опубликовано: 02 июн. 2022

Источник: ubuntu

Приоритет: low

CVSS2: 4.3

CVSS3: 6.5

Описание

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

Релиз	Статус	Примечание
bionic	released	7.58.0-2ubuntu3.17
devel	released	7.83.0-1
esm-infra-legacy/trusty	ignored	regressions possible
esm-infra/bionic	released	7.58.0-2ubuntu3.17
esm-infra/focal	released	7.68.0-1ubuntu2.10
esm-infra/xenial	ignored	regressions possible
focal	released	7.68.0-1ubuntu2.10
impish	released	7.74.0-1.3ubuntu2.1
jammy	released	7.81.0-1ubuntu1.1
trusty/esm	ignored	end of ESM support, was ignored [regressions possible]

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-27776

CVSS3: 4.3

redhat

больше 3 лет назад

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

CVE-2022-27776

CVSS3: 6.5

nvd

больше 3 лет назад

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

CVE-2022-27776

msrc

больше 3 лет назад

HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data

CVE-2022-27776

CVSS3: 6.5

debian

больше 3 лет назад

A insufficiently protected credentials vulnerability in fixed in curl ...

GHSA-hc85-wpv5-52wh

CVSS3: 6.5

github

больше 3 лет назад

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

4.3 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2022-27776

Описание

Пакет curl

Ссылки на источники

Связанные уязвимости