Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: CVE-2022-22623
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 17 Mar 2022 11:03:48 +0100 (CET)
On Thu, 17 Mar 2022, Phil Cole via curl-library wrote:
> Doing a search for the CVE pulled up, for me, the Apple page and this one:
> https://www.cybersecurity-help.cz/vdb/SB2022031431. Doesn't really say very
> much other than security restrictions can be bypassed due to an unspecified
> vulnerability in curl.
I find it almost amusing how much detail many sites post about CVE-2022-22623
when all that exists is the mention by Apple and a reserved ID at MITRE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22623
It being reserved doesn't mean much, as there are literally hundreds if not
thousands of such reserved IDs at any one time.
Date: Thu, 17 Mar 2022 11:03:48 +0100 (CET)
On Thu, 17 Mar 2022, Phil Cole via curl-library wrote:
> Doing a search for the CVE pulled up, for me, the Apple page and this one:
> https://www.cybersecurity-help.cz/vdb/SB2022031431. Doesn't really say very
> much other than security restrictions can be bypassed due to an unspecified
> vulnerability in curl.
I find it almost amusing how much detail many sites post about CVE-2022-22623
when all that exists is the mention by Apple and a reserved ID at MITRE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22623
It being reserved doesn't mean much, as there are literally hundreds if not
thousands of such reserved IDs at any one time.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2022-03-17