CURL-CVE-2022-27781

See a problem?
Please try reporting it to the source first.

Source

https://curl.se/docs/CVE-2022-27781.html

Import Source

https://curl.se/docs/CURL-CVE-2022-27781.json

JSON Data

https://api.test.osv.dev/v1/vulns/CURL-CVE-2022-27781

Aliases

CVE-2022-27781

Published

2022-05-11T08:00:00Z

Modified

2025-05-15T17:48:29Z

Summary

CERTINFO never-ending busy-loop

Details

libcurl provides the CURLOPT_CERTINFO option to allow applications to request details to be returned about a TLS server's certificate chain.

Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information.

Database specific

{
    "www": "https://curl.se/docs/CVE-2022-27781.html",
    "severity": "Low",
    "affects": "lib",
    "last_affected": "7.83.0",
    "package": "curl",
    "issue": "https://hackerone.com/reports/1555441",
    "URL": "https://curl.se/docs/CVE-2022-27781.json",
    "CWE": {
        "id": "CWE-835",
        "desc": "Loop with Unreachable Exit Condition ('Infinite Loop')"
    }
}

References

Credits

- Florian Kohnhäuser - FINDER
- Daniel Stenberg - REMEDIATION_DEVELOPER

Affected packages

Git / github.com/curl/curl.git

Affected ranges

Type: SEMVER
Events: Introduced

7.34.0

Fixed

7.83.1

Type: GIT
Repo: https://github.com/curl/curl.git
Events: Introduced

f6c335d63f2da025a0a3efde1fe59e3bb7189b70

Fixed

5c7da89d404bf59c8dd82a001119a16d18365917

Affected versions

7.*

7.34.0

7.35.0

7.36.0

7.37.0

7.37.1

7.38.0

7.39.0

7.40.0

7.41.0

7.42.0

7.42.1

7.43.0

7.44.0

7.45.0

7.46.0

7.47.0

7.47.1

7.48.0

7.49.0

7.49.1

7.50.0

7.50.1

7.50.2

7.50.3

7.51.0

7.52.0

7.52.1

7.53.0

7.53.1

7.54.0

7.54.1

7.55.0

7.55.1

7.56.0

7.56.1

7.57.0

7.58.0

7.59.0

7.60.0

7.61.0

7.61.1

7.62.0

7.63.0

7.64.0

7.64.1

7.65.0

7.65.1

7.65.2

7.65.3

7.66.0

7.67.0

7.68.0

7.69.0

7.69.1

7.70.0

7.71.0

7.71.1

7.72.0

7.73.0

7.74.0

7.75.0

7.76.0

7.76.1

7.77.0

7.78.0

7.79.0

7.79.1

7.80.0

7.81.0

7.82.0

7.83.0

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "digest": {
            "function_hash": "119952315264947547505408304301898934427",
            "length": 1265.0
        },
        "source": "https://github.com/curl/curl.git/commit/5c7da89d404bf59c8dd82a001119a16d18365917",
        "target": {
            "file": "lib/vtls/nss.c",
            "function": "display_conn_info"
        },
        "id": "CURL-CVE-2022-27781-18eb782e",
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "236797745310488444108348493315805500132",
                "222406199052514222794486417960583007861",
                "39267736724132391586582497542171928336",
                "56947198554545870756526324233928044401",
                "126755884391517798093707259725204477399",
                "138007774983089227384082586770325334603",
                "269459019928710695163306352805301572008"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/curl/curl.git/commit/5c7da89d404bf59c8dd82a001119a16d18365917",
        "target": {
            "file": "lib/vtls/nss.c"
        },
        "id": "CURL-CVE-2022-27781-746c0fcf",
        "signature_type": "Line",
        "signature_version": "v1"
    }
]