Lucene search
OracleLinuxELSA-2022-5245HistoryJun 30, 2022 - 12:00 a.m.
curl security update
2022-06-3000:00:00
linux.oracle.com
20
curl update
security fix
tls connection
ssh connection
srp credentials
makefile tests
cve-2022-27782
cve-2022-27774
cve-2022-27776
cve-2022-22576
unix
EPSS
0.006
Percentile
79.3%
[7.76.1-14.el9_0.4]
- fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
[7.76.1-14.el9_0.3] - fix leak of SRP credentials in redirects (CVE-2022-27774)
[7.76.1-14.el9_0.2] - add missing tests to Makefile
[7.76.1-14.el9_0.1] - fix credential leak on redirect (CVE-2022-27774)
- fix auth/cookie leak on redirect (CVE-2022-27776)
- fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | curl | < 7.76.1-14.el9_0.4 | curl-7.76.1-14.el9_0.4.src.rpm |
| oracle linux | 9 | aarch64 | curl | < 7.76.1-14.el9_0.4 | curl-7.76.1-14.el9_0.4.aarch64.rpm |
| oracle linux | 9 | aarch64 | curl-minimal | < 7.76.1-14.el9_0.4 | curl-minimal-7.76.1-14.el9_0.4.aarch64.rpm |
| oracle linux | 9 | aarch64 | libcurl | < 7.76.1-14.el9_0.4 | libcurl-7.76.1-14.el9_0.4.aarch64.rpm |
| oracle linux | 9 | aarch64 | libcurl-devel | < 7.76.1-14.el9_0.4 | libcurl-devel-7.76.1-14.el9_0.4.aarch64.rpm |
| oracle linux | 9 | aarch64 | libcurl-minimal | < 7.76.1-14.el9_0.4 | libcurl-minimal-7.76.1-14.el9_0.4.aarch64.rpm |
| oracle linux | 9 | src | curl | < 7.76.1-14.el9_0.4 | curl-7.76.1-14.el9_0.4.src.rpm |
| oracle linux | 9 | x86_64 | curl | < 7.76.1-14.el9_0.4 | curl-7.76.1-14.el9_0.4.x86_64.rpm |
| oracle linux | 9 | x86_64 | curl-minimal | < 7.76.1-14.el9_0.4 | curl-minimal-7.76.1-14.el9_0.4.x86_64.rpm |
| oracle linux | 9 | i686 | libcurl | < 7.76.1-14.el9_0.4 | libcurl-7.76.1-14.el9_0.4.i686.rpm |
Related
nessus
nessus
RHEL 8 : curl (RHSA-2022:5313)
2022-07-01 00:00:00
Oracle Linux 9 : curl (ELSA-2022-5245)
2022-07-07 00:00:00
Oracle Linux 8 : curl (ELSA-2022-5313)
2022-06-30 00:00:00
osv
osv
Moderate: curl security update
2022-06-28 10:52:02
Moderate: curl security update
2022-06-30 00:00:00
curl vulnerabilities
2022-04-28 18:23:23
redhat
redhat
(RHSA-2022:5313) Moderate: curl security update
2022-06-28 10:52:02
(RHSA-2022:5245) Moderate: curl security update
2022-06-28 08:27:15
rocky
rocky
curl security update
2022-06-28 10:52:02
oraclelinux
oraclelinux
curl security update
2022-06-30 00:00:00
almalinux
almalinux
Moderate: curl security update
2022-06-30 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2220
2023-08-22 13:18:19
openvas
openvas
Fedora: Security Advisory for curl (FEDORA-2022-3d8f00cde2)
2022-05-18 00:00:00
Fedora: Security Advisory for curl (FEDORA-2022-8277bef335)
2022-05-25 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1991)
2022-07-08 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: curl-7.79.1-4.fc35
2022-05-18 01:11:50
[SECURITY] Fedora 34 Update: curl-7.76.1-16.fc34
2022-05-24 01:41:08
[SECURITY] Fedora 36 Update: curl-7.82.0-4.fc36
2022-05-07 05:15:01
amazon
amazon
slackware
slackware
[slackware-security] curl
2022-04-27 21:48:34
ubuntu
ubuntu
curl vulnerabilities
2022-04-28 00:00:00
freebsd
freebsd
cURL -- Multiple vulnerabilities
2022-04-27 00:00:00
mediawiki -- multiple vulnerabilities
2022-05-16 00:00:00
cloudfoundry
cloudfoundry
USN-5397-1: curl vulnerabilities | Cloud Foundry
2022-05-23 00:00:00
mageia
mageia
Updated curl packages fix security vulnerability
2022-05-02 22:44:52
Updated curl packages fix security vulnerability
2022-05-15 13:06:40
redos
redos
ROS-20220516-09
2022-05-16 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0388
2022-04-30 00:00:00
Moderate Photon OS Security Update - PHSA-2022-0176
2022-04-30 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0176
2022-04-30 00:00:00
hackerone
hackerone
curl: CVE-2022-27776: Auth/cookie leak on redirect
2022-04-21 15:20:43
Internet Bug Bounty: CVE-2022-27776: Auth/cookie leak on redirect
2022-04-27 07:10:47
Internet Bug Bounty: OAUTH2 bearer not-checked for connection re-use
2022-04-27 16:16:35
suse
suse
Security update for curl (moderate)
2022-05-13 00:00:00
Security update for curl (important)
2022-05-27 00:00:00
alpinelinux
alpinelinux
ubuntucve
ubuntucve
debiancve
debiancve
veracode
veracode
Authentication Bypass
2022-04-29 06:57:54
Authentication Bypass
2022-05-14 20:51:19
Information Disclosure
2022-04-30 16:23:48
prion
prion
Authentication flaw
2022-05-26 17:15:00
Design/Logic Flaw
2022-06-02 14:15:00
Code injection
2022-06-02 14:15:00
redhatcve
redhatcve
cvelist
cvelist
nvd
nvd
cbl_mariner
cbl_mariner
CVE-2022-27782 affecting package curl for versions less than 7.83.1-1
2022-07-01 21:02:21
CVE-2022-22576 affecting package curl 7.76.0-9
2022-05-12 02:16:39
CVE-2022-27774 affecting package curl 7.76.0-9
2022-05-12 02:16:39
debian
debian
[SECURITY] [DLA 3288-1] curl security update
2023-01-28 21:19:47
[SECURITY] [DLA 3085-1] curl security update
2022-08-28 23:00:51
[SECURITY] [DSA 5197-1] curl security update
2022-08-01 16:58:44
cve
cve
broadcom
broadcom
cloudlinux
cloudlinux
Fixed CVE-2022-27782 in curl
2022-07-04 19:12:03
mscve
mscve
github
github
CURLOPT_HTTPAUTH option not cleared on change of origin
2022-06-21 16:57:10
rubygems
rubygems
Authorization header leak on port redirect in mechanize
2022-06-08 21:00:00
friendsofphp
friendsofphp
CURLOPT_HTTPAUTH option not cleared on change of origin
2022-06-20 22:24:00