CVE-2022-27782

HIGH Year: 2022
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-840
View all →

Vulnerability Description

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.

Related Vulnerabilities

CVE-2021-22926

HIGH
CVSS:7.5(High)

libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is buil...

CWE-8402021

CVE-2024-2267

HIGH
CVSS:7.5(High)

A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0 and classified as problematic. This issue affects some unknown processing of the file /shop.php. The manipulation of the argument ...

CWE-8402024

CVE-2024-45424

HIGH
CVSS:7.5(High)

Business logic error in some Zoom Workplace Apps may allow an unauthenticated user to conduct a disclosure of information via network access.

CWE-8402024

CVE-2024-51523

HIGH
CVSS:7.5(High)

Information management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE-8402024

CVE-2024-54098

HIGH
CVSS:7.5(High)

Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.

CWE-8402024

CVE-2024-56438

HIGH
CVSS:7.5(High)

Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.

CWE-8402024