Lucene search
SuseSUSE-SU-2022:3785-1HistoryOct 27, 2022 - 12:00 a.m.
Security update for curl (important)
2022-10-2700:00:00
lists.opensuse.org
24
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
An update that fixes two vulnerabilities is now available.
Description:
This update for curl fixes the following issues:
- CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).
- CVE-2022-42916: Fixed HSTS bypass via IDN (bsc#1204386).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or โzypper patchโ.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3785=1
-
SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3785=1
-
SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3785=1
Related
nessus
nessus
SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2022:3785-1)
2022-10-27 00:00:00
FreeBSD : curl -- multiple vulnerabilities (0f99a30c-7b4b-11ed-9168-080027f5fec9)
2022-12-13 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : curl vulnerabilities (USN-5702-1)
2022-10-26 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC
2023-03-14 16:08:54
fedora
fedora
[SECURITY] Fedora 36 Update: curl-7.82.0-9.fc36
2022-10-30 21:00:40
[SECURITY] Fedora 37 Update: curl-7.85.0-2.fc37
2022-11-10 22:54:26
[SECURITY] Fedora 35 Update: curl-7.79.1-7.fc35
2022-11-10 16:21:52
osv
osv
curl vulnerabilities
2022-10-26 17:28:24
Moderate: curl security update
2023-01-23 00:00:00
CVE-2022-42916
2022-10-29 02:15:09
amazon
amazon
Medium: curl
2022-12-01 20:31:00
ubuntu
ubuntu
curl vulnerabilities
2022-10-26 00:00:00
curl vulnerability
2022-10-26 00:00:00
MySQL vulnerabilities
2023-01-24 00:00:00
cloudfoundry
cloudfoundry
USN-5702-1: curl vulnerabilities | Cloud Foundry
2023-05-18 00:00:00
USN-5823-1: MySQL vulnerabilities | Cloud Foundry
2023-02-03 00:00:00
slackware
slackware
[slackware-security] curl
2022-10-27 02:30:21
freebsd
freebsd
curl -- multiple vulnerabilities
2022-10-26 00:00:00
MySQL -- Multiple vulnerabilities
2023-01-20 00:00:00
redhat
redhat
(RHSA-2023:0333) Moderate: curl security update
2023-01-23 14:30:22
(RHSA-2023:4139) Moderate: curl security update
2023-07-18 07:24:38
cgr
cgr
CVE-2022-32221 vulnerabilities
2024-04-19 21:06:40
CVE-2022-42916 vulnerabilities
2024-04-19 21:06:40
prion
prion
Design/Logic Flaw
2022-10-29 02:15:00
Design/Logic Flaw
2022-12-05 22:15:00
redhatcve
redhatcve
CVE-2022-42916
2022-10-26 14:53:12
CVE-2022-32221
2022-10-26 14:23:07
wolfi
wolfi
CVE-2022-42916 vulnerabilities
2024-04-19 21:05:52
CVE-2022-32221 vulnerabilities
2024-04-19 21:05:52
rocky
rocky
curl security update
2023-01-23 14:30:22
hackerone
hackerone
Internet Bug Bounty: CVE-2022-42916: HSTS bypass via IDN
2022-10-27 15:24:09
curl: CVE-2022-42916: HSTS bypass via IDN
2022-10-11 16:30:22
Internet Bug Bounty: POST following PUT confusion
2022-10-26 14:34:05
cbl_mariner
cbl_mariner
CVE-2022-42916 affecting package curl 7.84.0-1
2022-11-24 00:45:35
CVE-2022-42916 affecting package tensorflow 2.11.1-1
2024-04-17 22:02:46
CVE-2022-42916 affecting package curl 7.84.0-1
2022-11-16 02:26:15
oraclelinux
oraclelinux
curl security update
2023-01-24 00:00:00
almalinux
almalinux
Moderate: curl security update
2023-01-23 00:00:00
mageia
mageia
Updated curl packages fix security vulnerability
2022-11-02 01:58:59
veracode
veracode
Weak Encryption
2022-10-28 09:09:21
Denial Of Service (DoS)
2022-10-30 13:32:34
cve
cve
CVE-2022-42916
2022-10-29 02:15:00
CVE-2022-32221
2022-12-05 22:15:00
ubuntucve
ubuntucve
CVE-2022-42916
2022-10-26 00:00:00
CVE-2022-32221
2022-10-26 00:00:00
debiancve
debiancve
CVE-2022-42916
2022-10-29 02:15:00
CVE-2022-32221
2022-12-05 22:15:00
suse
suse
Security update for curl (important)
2022-10-26 00:00:00
alpinelinux
alpinelinux
CVE-2022-42916
2022-10-29 02:15:00
CVE-2022-32221
2022-12-05 22:15:00
cloudlinux
cloudlinux
curl: Fix of CVE-2022-32221
2022-12-15 17:42:45
aix
aix
AIX is vulnerable to security restrictions bypass due to curl
2023-05-26 09:26:13
redos
redos
ROS-20221108-01
2022-11-08 00:00:00
ROS-20221222-02
2022-12-22 00:00:00
debian
debian
[SECURITY] [DSA 5330-1] curl security update
2023-01-27 17:53:54
[SECURITY] [DLA 3288-1] curl security update
2023-01-28 21:19:47
ics
ics
Siemens SINEC NMS Third-Party
2023-05-11 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0480
2022-10-29 00:00:00
Critical Photon OS Security Update - PHSA-2022-0533
2022-10-28 00:00:00
Critical Photon OS Security Update - PHSA-2022-0271
2022-10-28 00:00:00
apple
apple
About the security content of macOS Monterey 12.6.3
2023-01-23 00:00:00
About the security content of macOS Ventura 13.2
2023-01-23 00:00:00
gentoo
gentoo
curl: Multiple Vulnerabilities
2022-12-19 00:00:00
kaspersky
kaspersky
KLA48969 Multiple vulnerabilities in Oracle VirtualBox
2023-04-18 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Related for SUSE-SU-2022:3785-1