Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-43551)
It was discovered that curl incorrectly handled denials when using HTTP proxies. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-43552)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "curl" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "curl-dbgsym" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl3-gnutls" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl3-gnutls-dbgsym" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl3-nss" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl3-nss-dbgsym" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl4" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl4-dbgsym" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl4-doc" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl4-gnutls-dev" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl4-nss-dev" }, { "binary_version": "7.58.0-2ubuntu3.22", "binary_name": "libcurl4-openssl-dev" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "curl" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "curl-dbgsym" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl3-gnutls" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl3-gnutls-dbgsym" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl3-nss" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl3-nss-dbgsym" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl4" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl4-dbgsym" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl4-doc" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl4-gnutls-dev" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl4-nss-dev" }, { "binary_version": "7.68.0-1ubuntu2.15", "binary_name": "libcurl4-openssl-dev" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "curl" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "curl-dbgsym" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl3-gnutls" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl3-gnutls-dbgsym" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl3-nss" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl3-nss-dbgsym" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl4" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl4-dbgsym" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl4-doc" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl4-gnutls-dev" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl4-nss-dev" }, { "binary_version": "7.81.0-1ubuntu1.7", "binary_name": "libcurl4-openssl-dev" } ] }