curl can be asked to tunnel virtually all protocols it supports through an
HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations using
an appropriate HTTP error response code.

When getting denied to tunnel the specific protocols SMB or TELNET, curl would
use a heap-allocated struct after it had been freed, in its transfer shutdown
code path.

CPENameOperatorVersion
curl.giteq7.22.0
curl.giteq7.76.1
curl.giteq7.56.1
curl.giteq7.21.3
curl.giteq7.19.5
curl.giteq7.61.1
curl.giteq7.20.1
curl.giteq7.16.0
curl.giteq7.34.0
curl.giteq7.62.0

Name	Operator	Version
curl.git	eq	7.22.0
curl.git	eq	7.76.1
curl.git	eq	7.56.1
curl.git	eq	7.21.3
curl.git	eq	7.19.5
curl.git	eq	7.61.1
curl.git	eq	7.20.1
curl.git	eq	7.16.0
curl.git	eq	7.34.0
curl.git	eq	7.62.0

Rows per page:

1-10 of 1171

redhatcve 1

nessus 59

prion 1

cbl_mariner 10

openvas 30

redos 1

ibm 20

kaspersky 2

wolfi 1

cve 1

hackerone 1

veracode 1

mscve 1

oraclelinux 3

f5 1

cvelist 1

ubuntucve 1

osv 7

cgr 1

redhat 11

centos 1

nvd 1

alpinelinux 1

debiancve 1

fedora 2

almalinux 2

cloudfoundry 1

ubuntu 2

mageia 1

amazon 2

photon 6

debian 2

rosalinux 1

ics 2

aix 1

gentoo 1

mskb 5

apple 1

tenable 1

avleonov 1

redhatcve

CVE-2022-43552

2022-12-21 09:36:44

nessus

SUSE SLES15 Security Update : curl (SUSE-SU-2022:4633-1)

2022-12-29 00:00:00

EulerOS 2.0 SP10 : curl (EulerOS-SA-2023-1522)

2023-03-19 00:00:00

CentOS 7 : curl (RHSA-2023:7743)

2023-12-22 00:00:00

prion

Path traversal

2023-02-09 20:15:00

cbl_mariner

CVE-2022-43552 affecting package tensorflow for versions less than 2.16.1-1

2024-04-17 22:02:46

CVE-2022-43552 affecting package mysql 8.0.32-1

2024-06-18 09:08:13

CVE-2022-43552 affecting package cmake 3.21.4-3

2024-06-18 09:08:13

openvas

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1438)

2023-03-09 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:4598-1)

2022-12-22 00:00:00

CentOS: Security Advisory for curl (CESA-2023:7743)

2024-03-05 00:00:00

redos

ROS-20230414-04

2023-04-14 00:00:00

ibm

Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in RHEL (CVE-2022-43552 )

2024-01-18 21:00:02

Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in RHEL (CVE-2022-43552 )

2024-01-26 22:04:27

Security Bulletin: libcurl as used by IBM QRadar Wincollect agent is vulnerable to denial of service (CVE-2022-43552, CVE-2022-43551)

2023-01-25 19:11:03

kaspersky

KLA48563 ACE vulnerability in Microsoft Mariner

2023-02-10 00:00:00

KLA48562 ACE vulnerability in Microsoft Windows

2023-02-10 00:00:00

wolfi

CVE-2022-43552 vulnerabilities

2024-06-18 09:08:19

cve

CVE-2022-43552

2023-02-09 20:15:10

hackerone

curl: CVE-2022-43552: HTTP Proxy deny use-after-free

2022-11-07 16:45:50

veracode

Use-After-Free

2022-12-23 19:14:50

mscve

Open Source Curl Remote Code Execution Vulnerability

2023-02-10 00:00:00

oraclelinux

curl security update

2023-12-12 00:00:00

curl security and bug fix update

2023-05-24 00:00:00

curl security update

2023-05-15 00:00:00

K000133092: cURL vulnerability CVE-2022-43552

2023-03-21 00:00:00

cvelist

CVE-2022-43552

2023-02-09 00:00:00

ubuntucve

CVE-2022-43552

2022-12-21 00:00:00

osv

CVE-2022-43552

2023-02-09 20:15:10

curl - security update

2023-01-27 00:00:00

curl vulnerabilities

2023-01-05 17:15:18

cgr

CVE-2022-43552 vulnerabilities

2024-05-19 03:07:16

redhat

(RHSA-2023:7743) Low: curl security update

2023-12-12 16:01:33

(RHSA-2023:2963) Low: curl security and bug fix update

2023-05-16 05:59:21

(RHSA-2023:2478) Low: curl security update

2023-05-09 05:11:57

centos

curl, libcurl security update

2024-01-12 19:12:33

nvd

CVE-2022-43552

2023-02-09 20:15:10

alpinelinux

CVE-2022-43552

2023-02-09 20:15:10

debiancve

CVE-2022-43552

2023-02-09 20:15:10

fedora

[SECURITY] Fedora 37 Update: curl-7.85.0-5.fc37

2022-12-26 01:06:29

[SECURITY] Fedora 36 Update: curl-7.82.0-12.fc36

2022-12-28 01:40:29

almalinux

Low: curl security update

2023-05-09 00:00:00

Low: curl security and bug fix update

2023-05-16 00:00:00

cloudfoundry

USN-5788-1: curl vulnerabilities | Cloud Foundry

2023-01-26 00:00:00

ubuntu

curl vulnerabilities

2023-01-05 00:00:00

curl vulnerabilities

2023-02-27 00:00:00

mageia

Updated curl packages fix security vulnerability

2022-12-31 01:39:00

amazon

Medium: curl

2023-04-13 19:01:00

Medium: curl

2023-01-30 16:02:00

photon

Important Photon OS Security Update - PHSA-2022-0304

2022-12-21 00:00:00

Important Photon OS Security Update - PHSA-2022-3.0-0508

2022-12-22 00:00:00

Important Photon OS Security Update - PHSA-2022-0551

2022-12-21 00:00:00

debian

[SECURITY] [DSA 5330-1] curl security update

2023-01-27 17:53:54

[SECURITY] [DLA 3288-1] curl security update

2023-01-28 21:19:47

rosalinux

Advisory ROSA-SA-2023-2221

2023-08-22 13:21:47

ics

Siemens SINEC NMS Third-Party

2023-05-11 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

aix

Multiple vulnerabilities cURL libcurl affect AIX

2023-06-29 09:35:59

gentoo

curl: Multiple Vulnerabilities

2023-10-11 00:00:00

mskb

April 11, 2023—KB5025221 (OS Builds 19042.2846, 19044.2846, and 19045.2846)

2023-04-11 07:00:00

April 11, 2023—KB5025239 (OS Build 22621.1555)

2023-04-11 07:00:00

April 11, 2023—KB5025224 (OS Build 22000.1817)

2023-04-11 07:00:00

apple

About the security content of macOS Ventura 13.3

2023-03-27 00:00:00

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30 18:03:13

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Related for OSV:CURL-CVE-2022-43552