SUSE CVE-2022-27781

🗓️ 15 Feb 2023 03:26:44Reported by Suse CVEType

SUSE CVE-2022-27781: libcurl with network security service may enter an infinite busy loop when reporting server certificate info.

Reporter	Title	Published	Views	Family All 154
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC	23 Sep 202222:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java, OpenSSL, and libcurl may affect IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V	4 Apr 202418:41	–	ibm
IBM Security Bulletins	Security Bulletin: Execution Engine for Apache Hadoop is vulnerable to heap-based buffer overflow and remote attacker to bypass security restrictions	20 Feb 202503:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MaaS360 Cloud Extender Agent and Base Module use libcurl with multiple known vulnerabilities	6 Oct 202204:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues	15 Apr 202502:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues	12 Apr 202414:33	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java, OpenSSL, and libcurl may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware	4 Apr 202418:41	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7	24 Oct 202411:46	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libcurl affect IBM Spectrum Protect Plus SQL, File Indexing, and Windows Host agents	19 Sep 202222:54	–	ibm
FreeBSD	curl -- Multiple vulnerabilities	11 May 202200:00	–	freebsd

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	12.2	any	curl	7.37.0-37.76.1	curl-7.37.0-37.76.1.noarch.rpm
SUSE Linux Enterprise Server	12.3	any	curl	7.37.0-37.76.1	curl-7.37.0-37.76.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.3	any	curl	7.37.0-37.76.1	curl-7.37.0-37.76.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	curl	7.37.0-70.80.1	curl-7.37.0-70.80.1.noarch.rpm
SUSE Linux Enterprise Server	12.5	any	curl	7.60.0-11.40.2	curl-7.60.0-11.40.2.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.5	any	curl	7.60.0-11.40.2	curl-7.60.0-11.40.2.noarch.rpm
SUSE Linux Enterprise Server	15	any	curl	7.60.0-150000.33.1	curl-7.60.0-150000.33.1.noarch.rpm
SUSE Linux Enterprise Server	15.1	any	curl	7.60.0-150000.33.1	curl-7.60.0-150000.33.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15	any	curl	7.60.0-150000.33.1	curl-7.60.0-150000.33.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.1	any	curl	7.60.0-150000.33.1	curl-7.60.0-150000.33.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2022-27781
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1199223
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-May/011085.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-May/011138.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-May/011174.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-May/011175.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-May/011176.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-May/011177.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-May/011178.html

06 Jun 2026 05:44Current

8.7High risk

Vulners AI Score8.7

CVSS 3.13.7

EPSS0.02434