For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

redhat 20

nessus 60

oraclelinux 8

osv 15

rocky 6

almalinux 6

fedora 4

rosalinux 1

ibm 10

openvas 31

freebsd 1

cloudfoundry 2

mageia 2

amazon 2

slackware 1

ubuntu 2

redos 2

hackerone 3

photon 4

suse 2

cgr 1

github 1

cbl_mariner 1

redhatcve 3

veracode 4

ubuntucve 1

prion 2

debiancve 2

gitlab 1

wolfi 1

redhat

(RHSA-2022:5704) Moderate: ACS 3.71 enhancement and security update

2022-07-25 21:38:29

(RHSA-2022:5909) Moderate: Openshift Logging Bug Fix and security update Release (5.2.13)

2022-08-04 16:14:14

(RHSA-2022:5908) Moderate: Openshift Logging Bug Fix and security update Release (5.3.10)

2022-08-04 15:55:35

nessus

AlmaLinux 9 : curl (ALSA-2022:5245)

2022-11-16 00:00:00

AlmaLinux 8 : curl (5313) (ALSA-2022:5313)

2022-07-25 00:00:00

Oracle Linux 8 : curl (ELSA-2022-5313)

2022-06-30 00:00:00

oraclelinux

curl security update

2022-06-30 00:00:00

curl security update

2022-06-30 00:00:00

expat security update

2022-06-30 00:00:00

osv

Moderate: curl security update

2022-06-30 00:00:00

Moderate: curl security update

2022-06-28 10:52:02

curl vulnerabilities

2022-04-28 18:23:23

rocky

curl security update

2022-06-28 10:52:02

kernel-rt security and bug fix update

2022-06-28 10:55:48

kernel security and bug fix update

2022-06-28 10:52:11

almalinux

Moderate: curl security update

2022-06-30 00:00:00

Moderate: expat security update

2022-07-01 00:00:00

Important: kernel-rt security and bug fix update

2022-06-28 00:00:00

fedora

[SECURITY] Fedora 35 Update: curl-7.79.1-4.fc35

2022-05-18 01:11:50

[SECURITY] Fedora 34 Update: curl-7.76.1-16.fc34

2022-05-24 01:41:08

[SECURITY] Fedora 36 Update: curl-7.82.0-4.fc36

2022-05-07 05:15:01

rosalinux

Advisory ROSA-SA-2023-2220

2023-08-22 13:18:19

ibm

Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

2023-02-27 17:34:12

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go, libxml2, curl, expat, libgcrypt and IBM WebSphere Application Server Liberty

2022-08-09 05:46:56

Security Bulletin: Vulnerabilities in libcurl may affect IBM Spectrum Protect Plus (CVE-2021-22946, CVE-2022-27782, CVE-2022-27774, CVE-2022-22576, CVE-2021-22947, CVE-2022-27776)

2022-09-17 12:04:17

openvas

Fedora: Security Advisory for curl (FEDORA-2022-3d8f00cde2)

2022-05-18 00:00:00

Fedora: Security Advisory for curl (FEDORA-2022-8277bef335)

2022-05-25 00:00:00

Ubuntu: Security Advisory (USN-5397-1)

2022-04-29 00:00:00

freebsd

cURL -- Multiple vulnerabilities

2022-04-27 00:00:00

cloudfoundry

USN-5397-1: curl vulnerabilities | Cloud Foundry

2022-05-23 00:00:00

USN-5320-1: Expat vulnerabilities and regression | Cloud Foundry

2022-04-21 00:00:00

mageia

Updated curl packages fix security vulnerability

2022-05-02 22:44:52

Updated libgcrypt packages fix security vulnerability

2021-09-29 20:22:22

amazon

Medium: curl

2022-05-04 01:01:00

Medium: curl

2022-12-01 17:33:00

slackware

[slackware-security] curl

2022-04-27 21:48:34

ubuntu

curl vulnerabilities

2022-04-28 00:00:00

Expat vulnerabilities and regression

2022-03-10 00:00:00

redos

ROS-20220516-09

2022-05-16 00:00:00

ROS-20220225-01

2022-02-25 00:00:00

hackerone

curl: CVE-2022-27776: Auth/cookie leak on redirect

2022-04-21 15:20:43

Internet Bug Bounty: CVE-2022-27776: Auth/cookie leak on redirect

2022-04-27 07:10:47

Internet Bug Bounty: OAUTH2 bearer not-checked for connection re-use

2022-04-27 16:16:35

photon

Moderate Photon OS Security Update - PHSA-2022-0176

2022-04-30 00:00:00

Moderate Photon OS Security Update - PHSA-2022-0388

2022-04-30 00:00:00

Important Photon OS Security Update - PHSA-2022-3.0-0388

2022-05-01 00:00:00

suse

Security update for curl (moderate)

2022-05-13 00:00:00

Security update for expat (important)

2022-03-04 00:00:00

cgr

CVE-2021-38561 vulnerabilities

2024-04-26 03:19:48

github

golang.org/x/text/language Out-of-bounds Read vulnerability

2022-12-26 06:30:22

cbl_mariner

CVE-2021-40528 affecting package libgcrypt 1.8.7-3

2021-11-06 06:45:24

redhatcve

CVE-2020-28915

2020-11-18 17:09:54

CVE-2022-22576

2022-04-27 06:53:57

CVE-2021-38561

2022-06-23 14:36:47

veracode

Denial Of Service (DoS)

2022-09-08 21:51:29

Denial Of Service (DoS)

2022-04-20 08:23:13

Authentication Bypass

2022-04-29 06:57:54

ubuntucve

CVE-2020-28915

2020-11-18 00:00:00

prion

Authentication flaw

2022-05-26 17:15:00

Design/Logic Flaw

2022-12-26 06:15:00

debiancve

CVE-2021-40528

2021-09-06 19:15:00

CVE-2021-38561

2022-12-26 06:15:00

gitlab

Out-of-bounds Read

2022-12-26 00:00:00

wolfi

CVE-2021-38561 vulnerabilities

2024-04-26 09:06:29

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.3%

JSON

Related for RHSA-2022:5556