Lucene search
HackeroneCVELIST:CVE-2022-27780HistoryJun 01, 2022 - 12:00 a.m.
CVE-2022-27780
2022-06-0100:00:00
CWE-177
hackerone
www.cve.org
1
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a different URL usingthe wrong host name when it is later retrieved.For example, a URL like http://example.com%2F127.0.0.1/, would be allowed bythe parser and get transposed into http://example.com/127.0.0.1/. This flawcan be used to circumvent filters, checks and more.
CNA Affected
[
{
"vendor": "n/a",
"product": "https://github.com/curl/curl",
"versions": [
{
"version": "Fixed in 7.83.1",
"status": "affected"
}
]
}
]Related
osv
osv
CVE-2022-27780
2022-06-02 14:15:44
curl vulnerabilities
2022-05-11 13:14:58
ubuntucve
ubuntucve
CVE-2022-27780
2022-05-11 00:00:00
alpinelinux
alpinelinux
CVE-2022-27780
2022-06-02 14:15:44
nvd
nvd
CVE-2022-27780
2022-06-02 14:15:44
hackerone
hackerone
curl: CVE-2022-27780: percent-encoded path separator in URL host
2022-04-28 17:26:19
veracode
veracode
Cross-site Scripting (XSS)
2022-05-14 23:45:07
cbl_mariner
cbl_mariner
CVE-2022-27780 affecting package curl for versions less than 7.83.1-1
2022-07-01 21:02:21
CVE-2022-27780 affecting package curl 7.76.0-9
2022-08-24 22:05:05
cve
cve
CVE-2022-27780
2022-06-02 14:15:44
prion
prion
Design/Logic Flaw
2022-06-02 14:15:00
redhatcve
redhatcve
CVE-2022-27780
2022-05-11 08:01:38
debiancve
debiancve
CVE-2022-27780
2022-06-02 14:15:44
ibm
ibm
ubuntu
ubuntu
curl vulnerabilities
2022-05-11 00:00:00
cloudfoundry
cloudfoundry
USN-5412-1: curl vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : curl vulnerabilities (USN-5412-1)
2022-05-11 00:00:00
Fedora 36 : curl (2022-d15a736748)
2022-05-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5412-1)
2022-05-12 00:00:00
Fedora: Security Advisory for curl (FEDORA-2022-d15a736748)
2022-05-13 00:00:00
Slackware: Security Advisory (SSA:2022-131-01)
2022-05-12 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: curl-7.82.0-5.fc36
2022-05-12 20:26:36
redos
redos
ROS-20220524-03
2022-05-24 00:00:00
slackware
slackware
[slackware-security] curl
2022-05-11 19:04:46
freebsd
freebsd
curl -- Multiple vulnerabilities
2022-05-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package curl version 7.83.1-alt1
2022-05-19 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0205
2022-06-27 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0205
2022-06-27 00:00:00
Important Photon OS Security Update - PHSA-2022-0486
2022-06-19 00:00:00
gentoo
gentoo
curl: Multiple Vulnerabilities
2022-12-19 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00