search

endpointlabs / VulnerableDotNetCore3Project

.Net Core 3.0
0 stars 0 forks source link

CVE-2022-27775 | curl (CWE-1035) #8

Open mgulter opened 2 years ago

mgulter commented 2 years ago

A high severity vulnerability has been discovered in your project.

Project Name: IssueTest

Scanner Name: trivy

Cwe ID: 1035

Cwe Name: Using Components with Known Vulnerabilities

Cwe Link: https://cwe.mitre.org/data/definitions/1035.html

CVE ID: CVE-2022-27775

Target: nginx:latest (debian 11.3)

Packages:

References:

Kondukto Remediation 1: testremed 2: test 3: Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed

Tool Description: An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.

Custom Description: test