curl (SUSE:Linux Enterprise Server 15 SP2-BCL) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 15 SP2-BCL package curl, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2022-32221 — CVSS 9.8 (critical): When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when…
CVE-2022-27781 — CVSS 7.5 (high): libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate…
CVE-2022-27782 — CVSS 7.5 (high): libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited…
CVE-2022-32206 — CVSS 6.5 (medium): curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and…
CVE-2022-32208 — CVSS 5.9 (medium): When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a…