15 matches found
Siemens SIMATIC S7-1500 Use of Incorrectly-Resolved Name or Reference (CVE-2022-27778)
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
SUSE CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.
...
AZL-9876 CVE-2022-27778 affecting package curl for versions less than 7.83.1-1
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
ALPINE-CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
DEBIAN-CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
Code injection
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
CVE-2022-27778
CVE-2022-27778 is a vulnerability in curl/libcurl described as an “use of incorrectly resolved name” that may cause removal of the wrong file when using --no-clobber with --remove-on-error. Connected advisories confirm the issue exists in curl up to version 7.83.0 and is fixed in 7.83.1. Articles...
CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...
CURL-CVE-2022-27778 curl removes wrong file on error
curl might remove the wrong file when --no-clobber is used together with --remove-on-error. The --remove-on-error option tells curl to remove the output file when it returns an error, and not leave a partial file behind. The --no-clobber option prevents curl from overwriting a file if it already...
Internet Bug Bounty: CVE-2022-27778: curl removes wrong file on error
Summary: Curl command has a logic flaw that results in removal of a wrong file when combining --no-clobber and --remove-on-error if the target file name exists and an error occurs. Steps To Reproduce: 1. echo "important file" foo 2. echo -ne "HTTP/1.1 200 OK\r\nContent-Length: 666\r\n\r\nHello\n"...
curl 安全漏洞
curl is a tool for transferring data from or to a server. A security vulnerability exists in curl version 7.83.0, which stems from the possibility that the curl command-line tool may mistakenly delete files when --no-clobber is used in conjunction with --remove-on-error. A remote attacker can use...