Published: November 4, 2022
Modified: October 31, 2024
A vulnerability was found in curl. The issue occurs when curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL. curl sets up the connection to the remote server by issuing a `CONNECT` request to the proxy and then tunnels the rest of the protocol through it. An HTTP proxy may refuse that request (HTTP proxies often only allow outgoing connections to specific port numbers, such as 443 for HTTPS) and instead return a non-200 response code to the client. Due to flaws in the error/cleanup handling, this can trigger a double free in curl if the transfer URL uses one of the following schemes: `dict`, `gopher`, `gophers`, `ldap`, `ldaps`, `rtmp`, `rtmps`, `telnet`. Because the trigger is the proxy's refusal rather than anything sent by the final destination, any proxy that rejects `CONNECT` for the target port is sufficient to reach the faulty path.
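The following is an added example, not code from the curl project or from this advisory: a minimal stand-in for the port-restricted proxy described above, which answers every `CONNECT` with `403 Forbidden`, so the refused-tunnel error path can be exercised against a curl build (for instance one compiled with AddressSanitizer) without a real proxy. The host name `dict.example` and the listening address are assumptions chosen for illustration.

```python
"""Minimal HTTP proxy that refuses every CONNECT request (added example).

Not curl project code. A stand-in for the "proxy that only allows specific
ports" behaviour described in the advisory, for driving curl into the
refused-CONNECT error path, e.g.:

    curl -v -x http://127.0.0.1:PORT dict://dict.example/d:curl

A fixed curl reports the 403 from the proxy and fails the transfer; an
affected build runs the faulty cleanup instead. The host name dict.example
and the loopback address are assumptions for this example.
"""
import socket
import threading

REFUSED_STATUS = b"HTTP/1.1 403 Forbidden"  # any non-200 answer takes the error path


def proxy_reply(request_head: bytes) -> bytes:
    """Build the proxy's response to one request head (bytes up to CRLFCRLF).

    CONNECT is refused with 403, as a port-restricted proxy would do; any
    other method is rejected as a bad request. Both replies carry
    Content-Length: 0 and Connection: close so the client cannot mistake
    trailing bytes for tunnelled data.
    """
    request_line = request_head.split(b"\r\n", 1)[0]
    parts = request_line.split(b" ")
    if len(parts) == 3 and parts[0] == b"CONNECT":
        status = REFUSED_STATUS
    else:
        status = b"HTTP/1.1 400 Bad Request"
    return status + b"\r\nContent-Length: 0\r\nConnection: close\r\n\r\n"


def read_head(conn: socket.socket, limit: int = 64 * 1024) -> bytes:
    """Read until the end of a request/response head; cap the size so a peer
    cannot make the proxy buffer without bound."""
    buf = b""
    while b"\r\n\r\n" not in buf:
        chunk = conn.recv(4096)
        if not chunk or len(buf) + len(chunk) > limit:
            break
        buf += chunk
    return buf


def serve_one(conn: socket.socket) -> None:
    """Handle a single client connection and close it."""
    with conn:
        head = read_head(conn)
        if head:
            conn.sendall(proxy_reply(head))


def start_refusing_proxy(host: str = "127.0.0.1", port: int = 0):
    """Start the proxy on a background thread; returns (listening socket, port).

    port=0 lets the OS pick a free port, which is what the test relies on.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))
    srv.listen(8)

    def loop() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # listening socket was closed: stop serving
                return
            threading.Thread(target=serve_one, args=(conn,), daemon=True).start()

    threading.Thread(target=loop, daemon=True).start()
    return srv, srv.getsockname()[1]


def send_connect(port: int, target: str = "dict.example:2628") -> bytes:
    """Act as the client: send a CONNECT the way curl does for a non-HTTP
    scheme and return the proxy's status line."""
    host_port = target.encode()
    with socket.create_connection(("127.0.0.1", port), timeout=5) as c:
        c.sendall(b"CONNECT " + host_port + b" HTTP/1.1\r\nHost: " + host_port + b"\r\n\r\n")
        resp = read_head(c)
    return resp.split(b"\r\n", 1)[0]


if __name__ == "__main__":
    srv, listening_port = start_refusing_proxy()
    print(f"refusing proxy on 127.0.0.1:{listening_port}; try:")
    print(f"  curl -v -x http://127.0.0.1:{listening_port} dict://dict.example/d:curl")
    try:
        threading.Event().wait()
    except KeyboardInterrupt:
        srv.close()
```

Run the script, then point curl at the printed port with one of the listed schemes (`dict://`, `gopher://`, `telnet://`, ...). The proxy never opens a connection to the target, so the only input curl sees is the 403, which is exactly the condition the advisory describes; running the curl binary under AddressSanitizer or Valgrind makes the double free visible on an affected build.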
Metric | NVD | openEuler |
---|---|---|
Attack Vector | Network | Network |
Attack Complexity | High | Low |
Privileges Required | None | None |
User Interaction | None | None |
Scope | Unchanged | Unchanged |
Confidentiality | High | Low |
Integrity | High | Low |
Availability | High | Low |
CVSS score | 8.1 | 7.3 |
Advisory | Summary | Published |
---|---|---|
KylinSec-SA-2022-2700 | curl security update | November 4, 2022 |
Product | Package | Status |
---|---|---|
KY3.5.1 | curl | Fixed |