Количество 43
Количество 43
BDU:2022-03036
Уязвимость реализации протокола OAUTH2 утилиты командной строки cURL, позволяющая нарушителю обойти процесс аутентификации и получить несанкционированный доступ к защищаемой информации
CVE-2022-27774
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
CVE-2022-27774
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
CVE-2022-27774
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
CVE-2022-27774
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
CVE-2022-27774
An insufficiently protected credentials vulnerability exists in curl 4 ...
CVE-2022-27782
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
CVE-2022-27782
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
CVE-2022-27782
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
CVE-2022-27782
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However several TLS andSSH settings were left out from the configuration match checks making themmatch too easily.
CVE-2022-27782
libcurl would reuse a previously created connection even when a TLS or ...
GHSA-7xmh-mw7w-rr97
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
BDU:2022-03041
Уязвимость утилиты командной строки cURL, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
GHSA-x38v-8q6p-w65c
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
BDU:2022-03185
Уязвимость реализации протоколов TLS и SSH утилиты командной строки cURL, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
SUSE-SU-2022:1870-1
Security update for curl
SUSE-SU-2022:1805-1
Security update for curl
SUSE-SU-2022:1733-1
Security update for curl
SUSE-SU-2022:2829-1
Security update for curl
SUSE-SU-2022:2813-1
Security update for curl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-03036 Уязвимость реализации протокола OAUTH2 утилиты командной строки cURL, позволяющая нарушителю обойти процесс аутентификации и получить несанкционированный доступ к защищаемой информации | CVSS3: 3.7 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-27774 An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. | CVSS3: 5.7 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-27774 An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. | CVSS3: 5 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-27774 An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. | CVSS3: 5.7 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-27774 An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. | CVSS3: 5.7 | 0% Низкий | больше 3 лет назад |
| CVE-2022-27774 An insufficiently protected credentials vulnerability exists in curl 4 ... | CVSS3: 5.7 | 0% Низкий | больше 3 лет назад |
| CVE-2022-27782 libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| CVE-2022-27782 libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| CVE-2022-27782 libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| CVE-2022-27782 libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However several TLS andSSH settings were left out from the configuration match checks making themmatch too easily. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| CVE-2022-27782 libcurl would reuse a previously created connection even when a TLS or ... | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| GHSA-7xmh-mw7w-rr97 An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. | CVSS3: 5.7 | 0% Низкий | больше 3 лет назад |
| BDU:2022-03041 Уязвимость утилиты командной строки cURL, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 5 | 0% Низкий | больше 3 лет назад |
| GHSA-x38v-8q6p-w65c libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| BDU:2022-03185 Уязвимость реализации протоколов TLS и SSH утилиты командной строки cURL, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 5.3 | 1% Низкий | больше 3 лет назад |
 | SUSE-SU-2022:1870-1 Security update for curl | больше 3 лет назад | ||
| SUSE-SU-2022:1805-1 Security update for curl | больше 3 лет назад | ||
| SUSE-SU-2022:1733-1 Security update for curl | больше 3 лет назад | ||
| SUSE-SU-2022:2829-1 Security update for curl | больше 3 лет назад | ||
| SUSE-SU-2022:2813-1 Security update for curl | больше 3 лет назад |
Уязвимостей на страницу