VDB
DEBIAN-CVE-2022-27776
DEBIAN-CVE-2022-27776
PUBLISHED
CVSS 6.5 MEDIUM
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | curl | 0, 0, 0 |
| Debian:14 | curl | 0, 0, 0 |
| Debian:12 | curl | 0, 0, 0 |
| Debian:11 | curl | 0, 7.74.0-1.3, 0 |
Exploit Intelligence
- glcve_test.go (github-poc)
Timeline
- Jun 2, 2022 CVE Published
- Apr 28, 2026 CVE Updated