Lucene search
HackeroneCVELIST:CVE-2022-22576HistoryMay 26, 2022 - 12:00 a.m.
CVE-2022-22576
2022-05-2600:00:00
CWE-287
hackerone
www.cve.org
2
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).
CNA Affected
[
{
"vendor": "n/a",
"product": "https://github.com/curl/curl",
"versions": [
{
"version": "Fixed in curl 7.83.0",
"status": "affected"
}
]
}
]Related
hackerone
hackerone
Internet Bug Bounty: OAUTH2 bearer not-checked for connection re-use
2022-04-27 16:16:35
curl: CVE-2022-22576: OAUTH2 bearer bypass in connection re-use
2022-03-30 12:47:16
nvd
nvd
CVE-2022-22576
2022-05-26 17:15:09
prion
prion
Authentication flaw
2022-05-26 17:15:00
veracode
veracode
Authentication Bypass
2022-04-29 06:57:54
redhatcve
redhatcve
CVE-2022-22576
2022-04-27 06:53:57
ubuntucve
ubuntucve
CVE-2022-22576
2022-04-27 00:00:00
osv
osv
CVE-2022-22576
2022-05-26 17:15:09
Moderate: curl security update
2022-06-28 10:52:02
curl vulnerabilities
2022-04-28 18:23:23
alpinelinux
alpinelinux
CVE-2022-22576
2022-05-26 17:15:09
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing access restrictions due to CVE-2022-22576
2022-11-04 18:02:51
debiancve
debiancve
CVE-2022-22576
2022-05-26 17:15:09
cbl_mariner
cbl_mariner
CVE-2022-22576 affecting package curl 7.76.0-9
2022-05-12 02:16:39
cve
cve
CVE-2022-22576
2022-05-26 17:15:09
broadcom
broadcom
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:1680-1)
2022-05-17 00:00:00
openSUSE: Security Advisory for curl (SUSE-SU-2022:1657-1)
2022-05-17 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2551)
2022-10-12 00:00:00
nessus
nessus
SUSE SLES12 Security Update : curl (SUSE-SU-2022:1680-1)
2022-05-17 00:00:00
EulerOS 2.0 SP8 : curl (EulerOS-SA-2022-2217)
2022-08-17 00:00:00
SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2022:1657-1)
2022-05-14 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0176
2022-04-30 00:00:00
Moderate Photon OS Security Update - PHSA-2022-0388
2022-04-30 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0176
2022-04-30 00:00:00
suse
suse
Security update for curl (moderate)
2022-05-13 00:00:00
slackware
slackware
[slackware-security] curl
2022-04-27 21:48:34
redhat
redhat
(RHSA-2022:5313) Moderate: curl security update
2022-06-28 10:52:02
(RHSA-2022:5245) Moderate: curl security update
2022-06-28 08:27:15
amazon
amazon
Medium: curl
2022-05-04 01:01:00
Medium: curl
2022-12-01 17:33:00
fedora
fedora
[SECURITY] Fedora 36 Update: curl-7.82.0-4.fc36
2022-05-07 05:15:01
[SECURITY] Fedora 35 Update: curl-7.79.1-4.fc35
2022-05-18 01:11:50
[SECURITY] Fedora 34 Update: curl-7.76.1-16.fc34
2022-05-24 01:41:08
cloudfoundry
cloudfoundry
USN-5397-1: curl vulnerabilities | Cloud Foundry
2022-05-23 00:00:00
rocky
rocky
curl security update
2022-06-28 10:52:02
freebsd
freebsd
cURL -- Multiple vulnerabilities
2022-04-27 00:00:00
oraclelinux
oraclelinux
curl security update
2022-06-30 00:00:00
curl security update
2022-06-30 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2022-04-28 00:00:00
mageia
mageia
Updated curl packages fix security vulnerability
2022-05-02 22:44:52
redos
redos
ROS-20220516-09
2022-05-16 00:00:00
almalinux
almalinux
Moderate: curl security update
2022-06-30 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2220
2023-08-22 13:18:19
debian
debian
[SECURITY] [DLA 3085-1] curl security update
2022-08-28 23:00:51
[SECURITY] [DSA 5197-1] curl security update
2022-08-01 16:58:44
ics
ics
โSiemens RUGGEDCOM ROX
2023-07-13 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
gentoo
gentoo
curl: Multiple Vulnerabilities
2022-12-19 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47