For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

redhat 20

osv 25

nessus 60

rocky 5

oraclelinux 7

almalinux 6

rosalinux 1

ibm 12

fedora 3

openvas 25

slackware 1

amazon 2

cloudfoundry 2

freebsd 1

ubuntu 2

mageia 1

redos 1

photon 4

hackerone 3

suse 1

cgr 1

github 1

nvd 1

veracode 1

cvelist 1

debiancve 2

gitlab 2

cve 1

alpinelinux 1

ubuntucve 2

wolfi 1

redhatcve 1

prion 1

debian 1

redhat

(RHSA-2022:5909) Moderate: Openshift Logging Bug Fix and security update Release (5.2.13)

2022-08-04 16:14:14

(RHSA-2022:5908) Moderate: Openshift Logging Bug Fix and security update Release (5.3.10)

2022-08-04 15:55:35

(RHSA-2022:5704) Moderate: ACS 3.71 enhancement and security update

2022-07-25 21:38:29

osv

Moderate: curl security update

2022-06-28 10:52:02

Moderate: curl security update

2022-06-30 00:00:00

curl vulnerabilities

2022-04-28 18:23:23

nessus

RHEL 8 : curl (RHSA-2022:5313)

2022-07-01 00:00:00

RHEL 9 : curl (RHSA-2022:5245)

2022-07-01 00:00:00

Rocky Linux 8 : curl (RLSA-2022:5313)

2022-07-08 00:00:00

rocky

curl security update

2022-06-28 10:52:02

kernel-rt security and bug fix update

2022-06-28 10:55:48

kernel security and bug fix update

2022-06-28 10:52:11

oraclelinux

curl security update

2022-06-30 00:00:00

curl security update

2022-06-30 00:00:00

expat security update

2022-06-30 00:00:00

almalinux

Moderate: curl security update

2022-06-30 00:00:00

Moderate: expat security update

2022-07-01 00:00:00

Important: kernel-rt security and bug fix update

2022-06-28 00:00:00

rosalinux

Advisory ROSA-SA-2023-2220

2023-08-22 13:18:19

ibm

Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

2023-02-27 17:34:12

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go, libxml2, curl, expat, libgcrypt and IBM WebSphere Application Server Liberty

2022-08-09 05:46:56

Security Bulletin: Vulnerabilities in libcurl may affect IBM Spectrum Protect Plus (CVE-2021-22946, CVE-2022-27782, CVE-2022-27774, CVE-2022-22576, CVE-2021-22947, CVE-2022-27776)

2022-09-17 12:04:17

fedora

[SECURITY] Fedora 35 Update: curl-7.79.1-4.fc35

2022-05-18 01:11:50

[SECURITY] Fedora 34 Update: curl-7.76.1-16.fc34

2022-05-24 01:41:08

[SECURITY] Fedora 36 Update: curl-7.82.0-4.fc36

2022-05-07 05:15:01

openvas

Fedora: Security Advisory for curl (FEDORA-2022-3d8f00cde2)

2022-05-18 00:00:00

Fedora: Security Advisory for curl (FEDORA-2022-8277bef335)

2022-05-25 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1991)

2022-07-08 00:00:00

slackware

[slackware-security] curl

2022-04-27 21:48:34

amazon

Medium: curl

2022-05-04 01:01:00

Medium: curl

2022-12-01 17:33:00

cloudfoundry

USN-5397-1: curl vulnerabilities | Cloud Foundry

2022-05-23 00:00:00

USN-5320-1: Expat vulnerabilities and regression | Cloud Foundry

2022-04-21 00:00:00

freebsd

cURL -- Multiple vulnerabilities

2022-04-27 00:00:00

ubuntu

curl vulnerabilities

2022-04-28 00:00:00

Expat vulnerabilities and regression

2022-03-10 00:00:00

mageia

Updated curl packages fix security vulnerability

2022-05-02 22:44:52

redos

ROS-20220516-09

2022-05-16 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2022-0388

2022-04-30 00:00:00

Moderate Photon OS Security Update - PHSA-2022-0176

2022-04-30 00:00:00

Important Photon OS Security Update - PHSA-2022-3.0-0388

2022-05-01 00:00:00

hackerone

curl: CVE-2022-27776: Auth/cookie leak on redirect

2022-04-21 15:20:43

Internet Bug Bounty: CVE-2022-27776: Auth/cookie leak on redirect

2022-04-27 07:10:47

Internet Bug Bounty: OAUTH2 bearer not-checked for connection re-use

2022-04-27 16:16:35

suse

Security update for curl (moderate)

2022-05-13 00:00:00

cgr

CVE-2021-38561 vulnerabilities

2024-05-19 03:07:16

github

golang.org/x/text/language Out-of-bounds Read vulnerability

2022-12-26 06:30:22

nvd

CVE-2021-38561

2022-12-26 06:15:10

veracode

Denial Of Service (DoS)

2022-04-20 08:23:13

cvelist

CVE-2021-38561

2022-12-26 00:00:00

debiancve

CVE-2020-28915

2020-11-18 08:15:12

CVE-2021-38561

2022-12-26 06:15:10

gitlab

Out-of-bounds Read

2022-12-26 00:00:00

Out-of-bounds Read

2022-12-26 00:00:00

cve

CVE-2021-38561

2022-12-26 06:15:10

alpinelinux

CVE-2021-38561

2022-12-26 06:15:10

ubuntucve

CVE-2021-38561

2022-12-26 00:00:00

CVE-2020-28915

2020-11-18 00:00:00

wolfi

CVE-2021-38561 vulnerabilities

2024-07-26 21:09:29

redhatcve

CVE-2021-38561

2022-06-23 14:36:47

prion

Design/Logic Flaw

2022-12-26 06:15:00

debian

[SECURITY] [DSA 5085-1] expat security update

2022-02-22 20:17:14

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.009

Percentile

82.8%

JSON

Related for RHSA-2022:5556