curl / Docs / Vulnerability table / 7.80.0 vulnerabilities

Vulnerabilities in curl 7.80.0

curl version 7.80.0 was released on November 10 2021. The following 7 security problems are known to exist in this version.

FlawFrom versionTo and includingCVECWE
TLS and SSH connection too eager reuse7.16.17.83.0CVE-2022-27782CWE-305: Authentication Bypass by Primary Weakness
CERTINFO never-ending busy-loop7.34.07.83.0CVE-2022-27781CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
percent-encoded path separator in URL host7.80.07.83.0CVE-2022-27780CWE-177: Improper Handling of URL Encoding
Auth/cookie leak on redirect4.97.82.0CVE-2022-27776CWE-522: Insufficiently Protected Credentials
Bad local IPv6 connection reuse7.65.07.82.0CVE-2022-27775CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Credential leak on redirect4.97.82.0CVE-2022-27774CWE-522: Insufficiently Protected Credentials
OAUTH2 bearer bypass in connection re-use7.33.07.82.0CVE-2022-22576CWE-305: Authentication Bypass by Primary Weakness

Changelog for curl 7.80.0

See vulnerability summary for the previous release: 7.79.1 or the subsequent release: 7.81.0