RHSA-2022:5313-01 -- Redhat curl, libcurlID: oval:org.secpod.oval:def:507030 | Date: (C)2022-07-12 (M)2024-04-03 |
Class: PATCH | Family: unix |
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: OAUTH2 bearer bypass in connection re-use * curl: credential leak on redirect * curl: auth/cookie leak on redirect * curl: TLS and SSH connection too eager reuse For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 8 |