Showing 1 - 12 of 12

CVE-2022-27774

Status Candidate

Overview

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

Related Files

Gentoo Linux Security Advisory 202212-01: Posted Dec 19, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202212-1 - Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Versions less than 7.86.0 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22925, CVE-2021-22926, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781; SHA-256 | e297fe6f1bca3eb09660ab5922cdfac1c9a3279734e9e89e74cc758a3e08ac46; Download | Favorite | View

Debian Security Advisory 5197-1: Posted Aug 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5197-1 - Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack.; tags | advisory, remote, denial of service, vulnerability; systems | linux, debian; advisories | CVE-2021-22898, CVE-2021-22924, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27781, CVE-2022-27782, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207; SHA-256 | 77ef9f5619851e18009af5092abdfe753f0a668e45b9771f079b64a5b7aa8eca; Download | Favorite | View

Red Hat Security Advisory 2022-6040-01: Posted Aug 11, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6040-01 - Version 1.24.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7, 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements. Issues addressed include bypass and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2021-40528, CVE-2022-1705, CVE-2022-1962, CVE-2022-1996, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-21698, CVE-2022-22576, CVE-2022-24675, CVE-2022-24921, CVE-2022-25313, CVE-2022-25314, CVE-2022-27774; SHA-256 | ed2fc17ea4fea7b280250203da1e4e161fa8403846ac647afd3762bf7b3aada3; Download | Favorite | View

Red Hat Security Advisory 2022-5909-01: Posted Aug 5, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5909-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2021-38561, CVE-2021-40528, CVE-2022-1271, CVE-2022-1621, CVE-2022-1629, CVE-2022-21540, CVE-2022-21541, CVE-2022-22576, CVE-2022-25313, CVE-2022-25314, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-29824; SHA-256 | 0da1a07e024c5eafb5720d0e3cb6f36908a73f19603470c2bd49233e5b4269e7; Download | Favorite | View

Red Hat Security Advisory 2022-5908-01: Posted Aug 5, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5908-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2021-38561, CVE-2021-40528, CVE-2022-1271, CVE-2022-1621, CVE-2022-1629, CVE-2022-21540, CVE-2022-21541, CVE-2022-22576, CVE-2022-25313, CVE-2022-25314, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-29824; SHA-256 | 21735b4ced5266bed65b1e5716b12ddcbc5a20155a20ca55158673c1b483e442; Download | Favorite | View

Red Hat Security Advisory 2022-5699-01: Posted Aug 4, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5699-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 has been released to address a moderate security impact.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-40528, CVE-2022-1271, CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-29526, CVE-2022-29824; SHA-256 | 266833afa7b849db849282af299ee898fd202a5e68f531401183e92132ec0939; Download | Favorite | View

Red Hat Security Advisory 2022-5531-01: Posted Jul 27, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5531-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-28915, CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2021-40528, CVE-2022-1271, CVE-2022-1621, CVE-2022-1629, CVE-2022-22576, CVE-2022-24450, CVE-2022-25313, CVE-2022-25314, CVE-2022-27666, CVE-2022-27774; SHA-256 | f41ee848b6d0c115a722f77ecc6e1af8a8aefc16c64c38321266f8cf8d547612; Download | Favorite | View

Red Hat Security Advisory 2022-5556-01: Posted Jul 27, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5556-01 - Logging Subsystem 5.4.3 has security updates. Issues addressed include denial of service and out of bounds read vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2020-28915, CVE-2021-38561, CVE-2021-40528, CVE-2022-1271, CVE-2022-1621, CVE-2022-1629, CVE-2022-22576, CVE-2022-25313, CVE-2022-25314, CVE-2022-26691, CVE-2022-27666, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782; SHA-256 | 6ddc3f6f99dbf4a5b530359707a6e2dd268fc21dae51c4ad4ddab62aad4ea62b; Download | Favorite | View

Red Hat Security Advisory 2022-5704-01: Posted Jul 27, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5704-01 - Updated images are now available for Red Hat Advanced Cluster Security. Issues addressed include a privilege escalation vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-40528, CVE-2022-1621, CVE-2022-1629, CVE-2022-22576, CVE-2022-25313, CVE-2022-25314, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-29173, CVE-2022-29824; SHA-256 | ca4300fe9847e023a2842faae60f80ea45d4710f047c0e9d43ae0d73d800718a; Download | Favorite | View

Red Hat Security Advisory 2022-5673-01: Posted Jul 21, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5673-01 - Red Hat OpenStack Platform 16.2 (Train) director operator containers, with several Important security fixes, are available for technology preview. Issues addressed include a code execution vulnerability.; tags | advisory, code execution; systems | linux, redhat; advisories | CVE-2021-3634, CVE-2021-3737, CVE-2021-40528, CVE-2021-41103, CVE-2021-4189, CVE-2021-43565, CVE-2022-1271, CVE-2022-1621, CVE-2022-1629, CVE-2022-22576, CVE-2022-25313, CVE-2022-25314, CVE-2022-26945, CVE-2022-27774; SHA-256 | e6a4b0b59b2757ea6ef380429f73c2819e182dbd4e1d06bf09b8c22eac8f952b; Download | Favorite | View

Red Hat Security Advisory 2022-5245-01: Posted Jul 1, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5245-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include bypass and password leak vulnerabilities.; tags | advisory, web, vulnerability, protocol; systems | linux, redhat; advisories | CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782; SHA-256 | 26b21b9a48461a54adcdb1040ed8768743f785be74ea237cbfd0790432ea8359; Download | Favorite | View

Red Hat Security Advisory 2022-5313-01: Posted Jul 1, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5313-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include bypass and password leak vulnerabilities.; tags | advisory, web, vulnerability, protocol; systems | linux, redhat; advisories | CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782; SHA-256 | a62bc10ae94b9fb650a0ceca8cb4aac980b089e68891a50b1e2e20636f143639; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2022-27774

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems