Lucene search

CVE-2022-43551

🗓️ 23 Dec 2022 15:15:15Reported by hackeroneType

A vulnerability in curl HSTS check allows bypassing HTTPS usag

Reporter	Title	Published	Views	Family All 97
RedhatCVE	CVE-2022-43551	21 Dec 202209:36	–	redhatcve
F5 Networks	K000132697 : Curl vulnerability CVE-2022-43551	21 Feb 202300:00	–	f5
UbuntuCve	CVE-2022-43551	21 Dec 202200:00	–	ubuntucve
Chainguard	CVE-2022-43551 vulnerabilities	23 Dec 202215:15	–	cgr
AlpineLinux	CVE-2022-43551	23 Dec 202215:15	–	alpinelinux
OSV	CVE-2022-43551	23 Dec 202215:15	–	osv
OSV	CGA-XCG9-6H39-HJM3	6 Jun 202412:29	–	osv
OSV	Another HSTS bypass via IDN	21 Dec 202208:00	–	osv
OSV	OPENSUSE-SU-2024:12583-1 curl-7.87.0-1.1 on GA media	15 Jun 202400:00	–	osv
OSV	curl vulnerabilities	5 Jan 202317:15	–	osv

Nvd

Vulners

Node

haxx curlRange7.77.0–7.87.0

Node

fedoraproject fedoraMatch37

Node

netapp active_iq_unified_managerMatch-vmware_vsphere

netapp active_iq_unified_managerMatch-windows

netapp oncommand_insightMatch-

netapp oncommand_workflow_automationMatch-

netapp snapcenterMatch-

Node

splunk universal_forwarderRange8.2.0–8.2.12

splunk universal_forwarderRange9.0.0–9.0.6

splunk universal_forwarderMatch9.1.0

[
  {
    "vendor": "n/a",
    "product": "https://github.com/curl/curl",
    "versions": [
      {
        "version": "Fixed in curl 7.87.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/
security	www.security.netapp.com/advisory/ntap-20230427-0007/
hackerone	www.hackerone.com/reports/1755083
security	www.security.gentoo.org/glsa/202310-12

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Dec 2022 15:15Current

7.3High risk

Vulners AI Score7.3

CVSS37.5

EPSS0.00104

CWE-319