Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-27780)
Florian Kohnhuser discovered that curl incorrectly handled returning a TLS server's certificate chain details. A remote attacker could possibly use this issue to cause curl to stop responding, resulting in a denial of service. (CVE-2022-27781)
Harry Sintonen discovered that curl incorrectly reused a previous connection when certain options had been changed, contrary to expectations. (CVE-2022-27782)
{ "availability": "No subscription required", "binaries": [ { "curl-dbgsym": "7.58.0-2ubuntu3.18", "curl": "7.58.0-2ubuntu3.18", "libcurl4": "7.58.0-2ubuntu3.18", "libcurl4-gnutls-dev": "7.58.0-2ubuntu3.18", "libcurl4-dbgsym": "7.58.0-2ubuntu3.18", "libcurl3-nss": "7.58.0-2ubuntu3.18", "libcurl4-doc": "7.58.0-2ubuntu3.18", "libcurl3-nss-dbgsym": "7.58.0-2ubuntu3.18", "libcurl3-gnutls": "7.58.0-2ubuntu3.18", "libcurl3-gnutls-dbgsym": "7.58.0-2ubuntu3.18", "libcurl4-openssl-dev": "7.58.0-2ubuntu3.18", "libcurl4-nss-dev": "7.58.0-2ubuntu3.18" } ] }
{ "availability": "No subscription required", "binaries": [ { "curl-dbgsym": "7.68.0-1ubuntu2.11", "curl": "7.68.0-1ubuntu2.11", "libcurl4": "7.68.0-1ubuntu2.11", "libcurl4-gnutls-dev": "7.68.0-1ubuntu2.11", "libcurl4-dbgsym": "7.68.0-1ubuntu2.11", "libcurl3-nss": "7.68.0-1ubuntu2.11", "libcurl4-doc": "7.68.0-1ubuntu2.11", "libcurl3-nss-dbgsym": "7.68.0-1ubuntu2.11", "libcurl3-gnutls": "7.68.0-1ubuntu2.11", "libcurl3-gnutls-dbgsym": "7.68.0-1ubuntu2.11", "libcurl4-openssl-dev": "7.68.0-1ubuntu2.11", "libcurl4-nss-dev": "7.68.0-1ubuntu2.11" } ] }
{ "availability": "No subscription required", "binaries": [ { "curl-dbgsym": "7.81.0-1ubuntu1.2", "curl": "7.81.0-1ubuntu1.2", "libcurl4": "7.81.0-1ubuntu1.2", "libcurl4-gnutls-dev": "7.81.0-1ubuntu1.2", "libcurl4-dbgsym": "7.81.0-1ubuntu1.2", "libcurl3-nss": "7.81.0-1ubuntu1.2", "libcurl4-doc": "7.81.0-1ubuntu1.2", "libcurl3-nss-dbgsym": "7.81.0-1ubuntu1.2", "libcurl3-gnutls": "7.81.0-1ubuntu1.2", "libcurl3-gnutls-dbgsym": "7.81.0-1ubuntu1.2", "libcurl4-openssl-dev": "7.81.0-1ubuntu1.2", "libcurl4-nss-dev": "7.81.0-1ubuntu1.2" } ] }