Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-27782

Опубликовано: 02 июн. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.

РелизСтатусПримечание
bionic

released

7.58.0-2ubuntu3.18
devel

released

7.83.1-1
esm-infra-legacy/trusty

ignored

regressions likely
esm-infra/bionic

not-affected

7.58.0-2ubuntu3.18
esm-infra/focal

not-affected

7.68.0-1ubuntu2.11
esm-infra/xenial

ignored

regressions likely
focal

released

7.68.0-1ubuntu2.11
impish

released

7.74.0-1.3ubuntu2.2
jammy

released

7.81.0-1ubuntu1.2
trusty/esm

ignored

end of ESM support, was ignored [regressions likely]

Показывать по

Ссылки на источники

EPSS

Процентиль: 53%
0.00307
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-27782

CVSS3: 7.5
redhat
около 3 лет назад

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.

nvd логотип

CVE-2022-27782

CVSS3: 7.5
nvd
около 3 лет назад

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.

msrc логотип

CVE-2022-27782

CVSS3: 7.5
msrc
около 3 лет назад

Описание отсутствует

debian логотип

CVE-2022-27782

CVSS3: 7.5
debian
около 3 лет назад

libcurl would reuse a previously created connection even when a TLS or ...

github логотип

GHSA-x38v-8q6p-w65c

CVSS3: 7.5
github
около 3 лет назад

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.

EPSS

Процентиль: 53%
0.00307
Низкий

5 Medium

CVSS2

7.5 High

CVSS3