Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-27781

Опубликовано: 02 июн. 2022
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

libcurl provides the CURLOPT_CERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information.]

РелизСтатусПримечание
bionic

released

7.58.0-2ubuntu3.18
devel

released

7.83.1-1
esm-infra-legacy/trusty

not-affected

7.35.0-1ubuntu2.20+esm11
esm-infra/bionic

not-affected

7.58.0-2ubuntu3.18
esm-infra/focal

not-affected

7.68.0-1ubuntu2.11
esm-infra/xenial

released

7.47.0-1ubuntu2.19+esm4
focal

released

7.68.0-1ubuntu2.11
impish

released

7.74.0-1.3ubuntu2.2
jammy

released

7.81.0-1ubuntu1.2
trusty/esm

released

7.35.0-1ubuntu2.20+esm11

Показывать по

EPSS

Процентиль: 20%
0.00063
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVSS3: 7.5
redhat
около 3 лет назад

libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.

CVSS3: 7.5
nvd
около 3 лет назад

libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.

CVSS3: 7.5
msrc
около 3 лет назад

Описание отсутствует

CVSS3: 7.5
debian
около 3 лет назад

libcurl provides the `CURLOPT_CERTINFO` option to allow applications t ...

CVSS3: 7.5
github
около 3 лет назад

libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.

EPSS

Процентиль: 20%
0.00063
Низкий

5 Medium

CVSS2

7.5 High

CVSS3