CVE-2022-27780

Name
CVE-2022-27780
Description
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://hackerone.com/reports/1553841
CONFIRM https://security.netapp.com/advisory/ntap-20220609-0009/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* curl >= 7.80.0 < 7.83.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
curl 3.15-main 7.80.0-r5 Natanael Copa <ncopa@alpinelinux.org> fixed