curl is vulnerable to man-in-the-middle attacks. The vulnerability exists due to the lack of message verification in krb5, allowing an attacker to inject data to the client.

CPENameOperatorVersion
curl:bioniceq7.58.0-2ubuntu3
curl:bioniceq7.58.0-2ubuntu3.15
curl:bioniceq7.58.0-2ubuntu3.10
curl:focaleq7.68.0-1ubuntu2.2
curl:focaleq7.68.0-1ubuntu2.7
curl:focaleq7.68.0-1ubuntu2
curl:3.16eq7.83.0-r0
curl:3.16eq7.83.1-r1
curl:edgeeq7.83.1-r1
curl:edgeeq7.78.0-r0

Name	Operator	Version
curl:bionic	eq	7.58.0-2ubuntu3
curl:bionic	eq	7.58.0-2ubuntu3.15
curl:bionic	eq	7.58.0-2ubuntu3.10
curl:focal	eq	7.68.0-1ubuntu2.2
curl:focal	eq	7.68.0-1ubuntu2.7
curl:focal	eq	7.68.0-1ubuntu2
curl:3.16	eq	7.83.0-r0
curl:3.16	eq	7.83.1-r1
curl:edge	eq	7.83.1-r1
curl:edge	eq	7.78.0-r0

Rows per page:

1-10 of 3611

References

git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2022-32208

seclists.org/fulldisclosure/2022/Oct/28

seclists.org/fulldisclosure/2022/Oct/41

hackerone.com/reports/1590071

lists.debian.org/debian-lts-announce/2022/08/msg00017.html

lists.fedoraproject.org/archives/list/[email protected]/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/

security.gentoo.org/glsa/202212-01

security.netapp.com/advisory/ntap-20220915-0003/

support.apple.com/kb/HT213488

www.debian.org/security/2022/dsa-5197

hackerone 2

redhatcve 1

openvas 28

nessus 43

nvd 1

debiancve 1

osv 9

cve 1

cbl_mariner 2

ubuntucve 1

alpinelinux 1

cvelist 1

ibm 19

prion 1

almalinux 2

ubuntu 2

rocky 2

suse 3

redhat 25

oraclelinux 2

freebsd 1

mageia 1

photon 6

fedora 2

slackware 1

cloudfoundry 1

amazon 2

rosalinux 1

ics 4

debian 2

gentoo 1

apple 1

tenable 1

oracle 1

hackerone

curl: CVE-2022-32208: FTP-KRB bad message verification

2022-06-02 20:12:35

Internet Bug Bounty: CVE-2022-32208: FTP-KRB bad message verification

2022-06-27 07:11:13

redhatcve

CVE-2022-32208

2022-06-28 03:35:50

openvas

SUSE: Security Advisory (SUSE-SU-2022:2356-1)

2022-07-12 00:00:00

openSUSE: Security Advisory for curl (SUSE-SU-2022:2327-2)

2024-03-04 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:2327-1)

2022-07-08 00:00:00

nessus

CBL Mariner 2.0 Security Update: curl (CVE-2022-32208)

2023-03-20 00:00:00

Siemens SCALANCE XCM332 Out-of-Bounds Write (CVE-2022-32208)

2023-05-02 00:00:00

SUSE SLES12 Security Update : curl (SUSE-SU-2022:2356-1)

2022-07-12 00:00:00

nvd

CVE-2022-32208

2022-07-07 13:15:08

debiancve

CVE-2022-32208

2022-07-07 13:15:08

osv

CVE-2022-32208

2022-07-07 13:15:08

Moderate: curl security update

2022-08-24 00:00:00

curl vulnerabilities

2022-07-01 02:04:04

cve

CVE-2022-32208

2022-07-07 13:15:08

cbl_mariner

CVE-2022-32208 affecting package curl for versions less than 7.84.0-1

2022-08-03 21:15:00

CVE-2022-32208 affecting package curl 7.76.0-9

2022-08-24 22:05:05

ubuntucve

CVE-2022-32208

2022-06-27 00:00:00

alpinelinux

CVE-2022-32208

2022-07-07 13:15:08

cvelist

CVE-2022-32208

2022-07-07 00:00:00

ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a man-in-the-middle attack in cURL libcurl (CVE-2022-32208)

2023-03-31 16:58:32

Security Bulletin: Vulnerabilities in libcurl may affect IBM Spectrum Copy Data Management (CVE-2022-32206, CVE-2022-32208)

2022-10-07 18:12:33

Security Bulletin: IBM MaaS360 Cloud Extender Agent and Base Module uses libcurl with multiple known vulnerabilities (CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208)

2022-10-06 04:10:57

prion

Code injection

2022-07-07 13:15:00

almalinux

Moderate: curl security update

2022-08-24 00:00:00

Moderate: curl security update

2022-08-24 00:00:00

ubuntu

curl vulnerabilities

2022-07-01 00:00:00

curl vulnerabilities

2022-06-27 00:00:00

rocky

curl security update

2022-08-24 15:12:40

curl security update

2022-08-24 14:56:48

suse

Security update for curl (important)

2022-07-07 00:00:00

Security update for curl (important)

2022-09-01 00:00:00

Security update for curl (important)

2022-07-06 00:00:00

redhat

(RHSA-2022:6159) Moderate: curl security update

2022-08-24 15:12:40

(RHSA-2022:6157) Moderate: curl security update

2022-08-24 14:56:48

(RHSA-2022:6287) Moderate: OpenShift Container Platform 4.11.3 packages and security update

2022-09-07 20:37:32

oraclelinux

curl security update

2022-08-24 00:00:00

curl security update

2022-08-25 00:00:00

freebsd

cURL -- Multiple vulnerabilities

2022-06-27 00:00:00

mageia

Updated curl packages fix security vulnerability

2022-07-05 22:11:26

photon

Moderate Photon OS Security Update - PHSA-2022-0412

2022-06-30 00:00:00

Critical Photon OS Security Update - PHSA-2022-3.0-0412

2022-06-30 00:00:00

Moderate Photon OS Security Update - PHSA-2022-0491

2022-06-30 00:00:00

fedora

[SECURITY] Fedora 35 Update: curl-7.79.1-5.fc35

2022-07-15 01:36:25

[SECURITY] Fedora 36 Update: curl-7.82.0-6.fc36

2022-07-01 01:09:59

slackware

[slackware-security] curl

2022-06-28 19:27:52

cloudfoundry

USN-5495-1: curl vulnerabilities | Cloud Foundry

2022-12-07 00:00:00

amazon

Medium: curl

2022-10-31 19:40:00

Medium: curl

2022-12-01 17:33:00

rosalinux

Advisory ROSA-SA-2023-2220

2023-08-22 13:18:19

ics

Siemens SCALANCE XCM332

2023-04-13 12:00:00

Siemens SINAMICS Medium Voltage Products

2023-06-15 12:00:00

Siemens SCALANCE, RUGGEDCOM Third-Party

2023-03-16 12:00:00

debian

[SECURITY] [DLA 3085-1] curl security update

2022-08-28 23:00:51

[SECURITY] [DSA 5197-1] curl security update

2022-08-01 16:58:44

gentoo

curl: Multiple Vulnerabilities

2022-12-19 00:00:00

apple

About the security content of macOS Ventura 13

2022-10-24 00:00:00

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

oracle

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.003 Low

EPSS

Percentile

69.5%

JSON

Related for VERACODE:36190