An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.
2022-06-02T14:15:43.510
2024-11-21T06:56:09.800
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | haxx | curl | ≤ 7.82.0 | Yes |
| Operating System | debian | debian_linux | 11.0 | Yes |
| Operating System | netapp | hci_bootstrap_os | - | Yes |
| Hardware | netapp | hci_compute_node | - | No |
| Application | netapp | clustered_data_ontap | - | Yes |
| Application | netapp | solidfire_\&_hci_management_node | - | Yes |
| Application | netapp | solidfire_\&_hci_storage_node | - | Yes |
| Operating System | brocade | fabric_operating_system | - | Yes |
| Operating System | netapp | h300s_firmware | - | Yes |
| Hardware | netapp | h300s | - | No |
| Operating System | netapp | h500s_firmware | - | Yes |
| Hardware | netapp | h500s | - | No |
| Operating System | netapp | h700s_firmware | - | Yes |
| Hardware | netapp | h700s | - | No |
| Operating System | netapp | h410s_firmware | - | Yes |
| Hardware | netapp | h410s | - | No |
| Application | splunk | universal_forwarder | < 8.2.12 | Yes |
| Application | splunk | universal_forwarder | < 9.0.6 | Yes |
| Application | splunk | universal_forwarder | 9.1.0 | Yes |