Debian Bug report logs -
#1010252
curl: CVE-2022-27776: Auth/cookie leak on redirect
Package:
src:curl;
Maintainer for src:curl is Alessandro Ghedini <ghedo@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 27 Apr 2022 08:21:02 UTC
Severity: important
Tags: security, upstream
Found in ver ...
Several security issues were fixed in curl ...
Multiple security vulnerabilities have been discovered in cURL, an URL
transfer library These flaws may allow remote attackers to obtain sensitive
information, leak authentication or cookie header data or facilitate a
denial of service attack
For the stable distribution (bullseye), these problems have been fixed in
version 7740-13+deb11u2
We ...
A vulnerability was found in curl This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer This issue leads to an authentication bypass, either by mistake or by a malicious actor (CVE-2022-22576)
A vulnerability was found in ...
A vulnerability was found in curl This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer This issue leads to an authentication bypass, either by mistake or by a malicious actor (CVE-2022-22576)
A vulnerability was found in ...
Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is a ...
Synopsis
Moderate: Secondary Scheduler Operator for Red Hat OpenShift 101 security update
Type/Severity
Security Advisory: Moderate
Topic
Secondary Scheduler Operator for Red Hat OpenShift 101Red Hat Product Security has rated this update as having a security impact ofModerate A Common Vulnerability Scoring System (CVSS) base score, whic ...
Synopsis
Moderate: Logging Subsystem 543 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
Logging Subsystem 543 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis
Moderate: Openshift Logging Bug Fix and security update Release (5310)
Type/Severity
Security Advisory: Moderate
Topic
Openshift Logging Bug Fix Release (5310)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed seve ...
Synopsis
Moderate: ACS 371 enhancement and security update
Type/Severity
Security Advisory: Moderate
Topic
Updated images are now available for Red Hat Advanced Cluster Security The updated image includes bug fixes and feature improvementsRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulne ...
Synopsis
Moderate: Openshift Logging Bug Fix and security update Release (5213)
Type/Severity
Security Advisory: Moderate
Topic
Openshift Logging Bug Fix Release (5213)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed seve ...
Synopsis
Important: Release of containers for OSP 162z director operator tech preview
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenStack Platform 162 (Train) director operator containers, with several Important security fixes, are available for technology preview
Description
Release osp-director-operator imagesSecurity F ...
Synopsis
Moderate: New container image for Red Hat Ceph Storage 52 Security update
Type/Severity
Security Advisory: Moderate
Topic
A new container image for Red Hat Ceph Storage 52 is now available in the Red Hat Ecosystem CatalogRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...
Synopsis
Important: OpenShift Virtualization 4110 Images security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4110 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a secur ...
Synopsis
Important: OpenShift Container Platform 4110 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4110 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Co ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 173 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 173 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Moderate: OpenShift Container Platform 4110 extras and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4110 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Conta ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4110 security, enhancement, & bugfix update
Type/Severity
Security Advisory: Important
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4110 on Red Hat Enterprise Linux 8Red Hat Product Securit ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 251 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 251 GeneralAvailability release images, which fix security issues and bugsRed Hat Product Security has rated this update as having a security impactof ...
Synopsis
Important: Release of OpenShift Serverless 1240
Type/Severity
Security Advisory: Important
Topic
Release of OpenShift Serverless 1240The References section contains CVE links providing detailed severity ratingsfor each vulnerability Ratings are based on a Common Vulnerability ScoringSystem (CVSS) base score
Description
Versio ...
curl might leak authentication or cookie header data on HTTP redirects to the same host but another port number ...
A vulnerability was found in curl This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer This issue leads to an authentication bypass, either by mistake or by a malicious actor (CVE-2022-22576)
A vulnerability was found in ...
A vulnerability was found in curl This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer This issue leads to an authentication bypass, either by mistake or by a malicious actor (CVE-2022-22576)
A vulnerability was found in ...