Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

Gentoo FoundationMGASA-2022-0483

HistoryDec 31, 2022 - 1:39 a.m.

Updated curl packages fix security vulnerability

Vulners
Mageia
Updated curl packages fix security vulnerability

2022-12-3101:39:00

Gentoo Foundation

advisories.mageia.org

144

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

42.9%

JSON

Another HSTS bypass via IDN. (CVE-2022-43551) HTTP Proxy deny use-after-free. (CVE-2022-43552)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchcurl< 7.74.0-1.10curl-7.74.0-1.10.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	curl	< 7.74.0-1.10	curl-7.74.0-1.10.mga8

References

bugs.mageia.org/show_bug.cgi?id=31306

curl.se/docs/CVE-2022-43551.html

curl.se/docs/CVE-2022-43552.html

lists.fedoraproject.org/archives/list/[email protected]/thread/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/

lists.opensuse.org/archives/list/[email protected]/thread/SQ4FFB6OHYJ2NLJSNA767MNOKSZ3XGF2/

ubuntu 2

openvas 30

osv 10

nessus 60

fedora 2

cloudfoundry 1

ibm 18

photon 4

amazon 2

cbl_mariner 16

debiancve 2

redhatcve 2

ubuntucve 2

alpinelinux 2

cgr 2

f5 2

broadcom 1

redos 2

veracode 2

hackerone 3

prion 2

wolfi 2

cve 2

cvelist 2

nvd 2

kaspersky 2

mscve 1

oraclelinux 3

redhat 9

centos 1

almalinux 2

ics 1

debian 2

aix 1

rosalinux 1

gentoo 1

ubuntu

curl vulnerabilities

2023-01-05 00:00:00

curl vulnerabilities

2023-02-27 00:00:00

openvas

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1571)

2023-03-23 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:4597-1)

2022-12-22 00:00:00

Mageia: Security Advisory (MGASA-2022-0483)

2023-01-02 00:00:00

osv

curl vulnerabilities

2023-01-05 17:15:18

CVE-2022-43551

2022-12-23 15:15:15

Another HSTS bypass via IDN

2022-12-21 08:00:00

nessus

Fedora 36 : curl (2022-9836111c44)

2022-12-28 00:00:00

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2022:4597-1)

2022-12-22 00:00:00

Amazon Linux 2022 : (ALAS2022-2023-276)

2023-01-25 00:00:00

fedora

[SECURITY] Fedora 36 Update: curl-7.82.0-12.fc36

2022-12-28 01:40:29

[SECURITY] Fedora 37 Update: curl-7.85.0-5.fc37

2022-12-26 01:06:29

cloudfoundry

USN-5788-1: curl vulnerabilities | Cloud Foundry

2023-01-26 00:00:00

ibm

Security Bulletin: libcurl as used by IBM QRadar Wincollect agent is vulnerable to denial of service (CVE-2022-43552, CVE-2022-43551)

2023-01-25 19:11:03

Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in RHEL (CVE-2022-43552 )

2024-01-18 21:00:02

Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in RHEL (CVE-2022-43552 )

2024-01-26 22:04:27

photon

Important Photon OS Security Update - PHSA-2022-0304

2022-12-21 00:00:00

Important Photon OS Security Update - PHSA-2022-3.0-0508

2022-12-22 00:00:00

Important Photon OS Security Update - PHSA-2022-0551

2022-12-21 00:00:00

amazon

Medium: curl

2023-01-30 16:02:00

Medium: curl

2023-04-13 19:01:00

cbl_mariner

CVE-2022-43551 affecting package cmake for versions less than 3.21.4-3

2023-02-14 20:20:58

CVE-2022-43551 affecting package curl 7.86.0-1

2023-01-29 21:01:57

CVE-2022-43551 affecting package tensorflow for versions less than 2.16.1-1

2024-04-17 22:02:46

debiancve

CVE-2022-43551

2022-12-23 15:15:15

CVE-2022-43552

2023-02-09 20:15:10

redhatcve

CVE-2022-43551

2022-12-21 09:36:35

CVE-2022-43552

2022-12-21 09:36:44

ubuntucve

CVE-2022-43551

2022-12-21 00:00:00

CVE-2022-43552

2022-12-21 00:00:00

alpinelinux

CVE-2022-43551

2022-12-23 15:15:15

CVE-2022-43552

2023-02-09 20:15:10

cgr

CVE-2022-43551 vulnerabilities

2024-05-19 03:07:16

CVE-2022-43552 vulnerabilities

2024-05-19 03:07:16

K000132697 : Curl vulnerability CVE-2022-43551

2023-02-21 00:00:00

K000133092: cURL vulnerability CVE-2022-43552

2023-03-21 00:00:00

broadcom

CVE-2022-43551 - HSTS check could be bypassed to trick it to keep using HTTP.

2023-05-02 00:00:00

redos

ROS-20230414-03

2023-04-14 00:00:00

ROS-20230414-04

2023-04-14 00:00:00

veracode

Information Disclosure

2022-12-23 19:14:53

Use-After-Free

2022-12-23 19:14:50

hackerone

Internet Bug Bounty: CVE-2022-43551: Another HSTS bypass via IDN

2022-12-21 08:51:43

curl: CVE-2022-43552: HTTP Proxy deny use-after-free

2022-11-07 16:45:50

curl: CVE-2022-43551: Another HSTS bypass via IDN

2022-10-29 16:45:01

prion

Design/Logic Flaw

2022-12-23 15:15:00

Path traversal

2023-02-09 20:15:00

wolfi

CVE-2022-43551 vulnerabilities

2024-06-18 09:08:19

CVE-2022-43552 vulnerabilities

2024-06-18 09:08:19

cve

CVE-2022-43551

2022-12-23 15:15:15

CVE-2022-43552

2023-02-09 20:15:10

cvelist

CVE-2022-43551

2022-12-23 00:00:00

CVE-2022-43552

2023-02-09 00:00:00

nvd

CVE-2022-43551

2022-12-23 15:15:15

CVE-2022-43552

2023-02-09 20:15:10

kaspersky

KLA48563 ACE vulnerability in Microsoft Mariner

2023-02-10 00:00:00

KLA48562 ACE vulnerability in Microsoft Windows

2023-02-10 00:00:00

mscve

Open Source Curl Remote Code Execution Vulnerability

2023-02-10 00:00:00

oraclelinux

curl security update

2023-12-12 00:00:00

curl security and bug fix update

2023-05-24 00:00:00

curl security update

2023-05-15 00:00:00

redhat

(RHSA-2023:7743) Low: curl security update

2023-12-12 16:01:33

(RHSA-2023:2963) Low: curl security and bug fix update

2023-05-16 05:59:21

(RHSA-2023:2478) Low: curl security update

2023-05-09 05:11:57

centos

curl, libcurl security update

2024-01-12 19:12:33

almalinux

Low: curl security update

2023-05-09 00:00:00

Low: curl security and bug fix update

2023-05-16 00:00:00

ics

Siemens SINEC NMS Third-Party

2023-05-11 12:00:00

debian

[SECURITY] [DSA 5330-1] curl security update

2023-01-27 17:53:54

[SECURITY] [DLA 3288-1] curl security update

2023-01-28 21:19:47

aix

Multiple vulnerabilities cURL libcurl affect AIX

2023-06-29 09:35:59

rosalinux

Advisory ROSA-SA-2023-2221

2023-08-22 13:21:47

gentoo

curl: Multiple Vulnerabilities

2023-10-11 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

42.9%

JSON

Related for MGASA-2022-0483