CVE-2022-27775

Description

An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0: when given an IPv6 address that was in the connection pool but with a different zone id, curl could reuse the existing connection instead.

Risk Information

Base Score: 7.5 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score (Exploitation Probability): 0.143

Associated Vulnerability

Vulnerability | OS Platform
Vulnerability CVE-2022-22576,CVE-2022-27774,CVE-2022-27775,CVE-2022-27776 are affected in Curl For Windows 7.82.0 | Windows
Vulnerabilities CVE-2022-27776,CVE-2022-27775,CVE-2022-27774,CVE-2022-22576 are fixed in Curl For Windows 7.83.0 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.3 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.4 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.5 | Windows
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) curl_7.81.0-1ubuntu1.2_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) curl_7.81.0-1ubuntu1.2_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) curl_7.58.0-2ubuntu3.17_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) curl_7.58.0-2ubuntu3.17_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) curl_7.68.0-1ubuntu2.10_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) curl_7.68.0-1ubuntu2.10_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) curl_7.74.0-1.3ubuntu2.1_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) curl_7.74.0-1.3ubuntu2.1_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl4_7.81.0-1ubuntu1.2_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl4_7.81.0-1ubuntu1.2_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl4_7.58.0-2ubuntu3.17_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl4_7.58.0-2ubuntu3.17_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl4_7.68.0-1ubuntu2.10_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl4_7.68.0-1ubuntu2.10_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl4_7.74.0-1.3ubuntu2.1_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl4_7.74.0-1.3ubuntu2.1_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-nss_7.81.0-1ubuntu1.2_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-nss_7.81.0-1ubuntu1.2_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-nss_7.58.0-2ubuntu3.17_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-nss_7.58.0-2ubuntu3.17_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-nss_7.68.0-1ubuntu2.10_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-nss_7.68.0-1ubuntu2.10_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-nss_7.74.0-1.3ubuntu2.1_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-nss_7.74.0-1.3ubuntu2.1_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-gnutls_7.81.0-1ubuntu1.2_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-gnutls_7.81.0-1ubuntu1.2_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-gnutls_7.58.0-2ubuntu3.17_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-gnutls_7.58.0-2ubuntu3.17_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-gnutls_7.68.0-1ubuntu2.10_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-gnutls_7.68.0-1ubuntu2.10_amd64.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-gnutls_7.74.0-1.3ubuntu2.1_i386.deb | Linux
HTTP, HTTPS, and FTP client and client libraries (USN-5397-1) libcurl3-gnutls_7.74.0-1.3ubuntu2.1_amd64.deb | Linux
curl security update (DSA-5197-1) curl_7.74.0-1.3+deb11u2_amd64.deb | Linux

Patch Details

No records found
