Lucene search

K
osvGoogleOSV:CVE-2022-27781
HistoryJun 02, 2022 - 2:15 p.m.

CVE-2022-27781

2022-06-0214:15:44
Google
osv.dev
25
libcurl
curlopt_certinfo
vulnerability
nss

EPSS

0.002

Percentile

56.2%

libcurl provides the CURLOPT_CERTINFO option to allow applications torequest details to be returned about a server’s certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.