VDB

DEBIAN-CVE-2022-27776

DEBIAN-CVE-2022-27776 PUBLISHED CVSS 6.5 MEDIUM

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Debian:13curl0, 0, 0
Debian:14curl0, 0, 0
Debian:12curl0, 0, 0
Debian:11curl0, 7.74.0-1.3, 0

Exploit Intelligence

Timeline

  • Jun 2, 2022 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›