CLSA-2022-1656430138
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1656430138.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2022-1656430138
- Upstream
- Published
- 2022-06-28T15:28:58Z
- Modified
- 2026-06-01T00:33:19.332913871Z
- Summary
- Fixed CVEs in curl: CVE-2022-27780, CVE-2022-27781, CVE-2022-27782
- Details
-
- CVE-2022-27782: check additional TLS or SSH connection parameters that should have prohibited connection reuse
- CVE-2022-27781: add limit of certificates which can be traversed breaking possible infinite loop
- CVE-2022-27780: exclude malicious characters from url to prevent incorrect address decoding
- References
Affected packages
TuxCare:CentOS:8.4 / curl
Package
- Name
- curl
- Purl
- pkg:rpm/tuxcare/curl?distro=centos-8.4
TuxCare:CentOS:8.4 / curl-minimal
Package
- Name
- curl-minimal
- Purl
- pkg:rpm/tuxcare/curl-minimal?distro=centos-8.4
TuxCare:CentOS:8.4 / libcurl
Package
- Name
- libcurl
- Purl
- pkg:rpm/tuxcare/libcurl?distro=centos-8.4
TuxCare:CentOS:8.4 / libcurl-devel
Package
- Name
- libcurl-devel
- Purl
- pkg:rpm/tuxcare/libcurl-devel?distro=centos-8.4