curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: CVE-2022-22623

From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 17 Mar 2022 11:03:48 +0100 (CET)

On Thu, 17 Mar 2022, Phil Cole via curl-library wrote:

> Doing a search for the CVE pulled up, for me, the Apple page and this one:
> https://www.cybersecurity-help.cz/vdb/SB2022031431. Doesn't really say very
> much other than security restrictions can be bypassed due to an unspecified
> vulnerability in curl.

I find it almost amusing how much detail many sites post about CVE-2022-22623
when all that exists is the mention by Apple and a reserved ID at MITRE:

   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22623

It being reserved doesn't mean much, as there are literally hundreds if not
thousands of such reserved IDs at any one time.

-- 
  / daniel.haxx.se
  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
  | https://curl.se/support.html
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2022-03-17