FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

curl -- Multiple vulnerabilities

Affected packages
curl < 7.83.1

Details

VuXML ID 11e36890-d28c-11ec-a06f-d4c9ef517024
Discovery 2022-05-11
Entry 2022-05-13

The curl project reports:

CVE-2022-27778: curl removes wrong file on error

CVE-2022-27779: cookie for trailing dot TLD

CVE-2022-27780: percent-encoded path separator in URL host

CVE-2022-27781: CERTINFO never-ending busy-loop

CVE-2022-27782: TLS and SSH connection too eager reuse

CVE-2022-30115: HSTS bypass via trailing dot

[source]

References

CVE Name CVE-2022-27778
CVE Name CVE-2022-27779
CVE Name CVE-2022-27780
CVE Name CVE-2022-27781
CVE Name CVE-2022-27782
CVE Name CVE-2022-30115
URL https://curl.se/docs/security.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.