CVE-2022-27774 — Insufficiently Protected Credentials in Curl

CWE-522 — Insufficiently Protected Credentials13 documents9 sources

Severity

5.7MEDIUMNVD

OSV8.1

EPSS

0.3%

top 46.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Haxx Curl Splunk Universal Forwarder Https Github.com Curl Curl +1 more

Timeline

PublishedJun 2

Latest updateJan 7

Description

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:NExploitability: 2.1 | Impact: 3.6

Affected Packages5 packages

▶CVEListV5https/github.com_curl_curlcurl 4.9 to and include curl 7.82.0 are affected

▶Debianhaxx/curl< 7.74.0-1.3+deb11u2+3

▶Ubuntuhaxx/curl< 7.58.0-2ubuntu3.17+2

▶NVDhaxx/curl4.9 — 7.82.0

▶NVDsplunk/universal_forwarder8.2.0 — 8.2.12+2

Also affects: Debian Linux 10.0, 11.0

🔴Vulnerability Details

GHSA

GHSA-7xmh-mw7w-rr97: An insufficiently protected credentials vulnerability exists in curl 4↗2022-06-03

▶

OSV

CVE-2022-27774: An insufficiently protected credentials vulnerability exists in curl 4↗2022-06-02

▶

CVEList

CVE-2022-27774: An insufficiently protected credentials vulnerability exists in curl 4↗2022-06-01

▶

OSV

curl vulnerabilities↗2022-04-28

▶

📋Vendor Advisories

Microsoft

▶

Ubuntu

curl vulnerabilities↗2022-04-28

▶

Red Hat

curl: credential leak on redirect↗2022-04-27

▶

Debian

CVE-2022-27774: curl - An insufficiently protected credentials vulnerability exists in curl 4.9 to and ...↗2022

▶

💬Community

HackerOne

CVE-2025-14524: bearer token leak on cross-protocol redirect↗2026-01-07

▶

HackerOne

CVE-2022-27774: Credential leak on redirect↗2022-04-29

▶

HackerOne

CVE-2022-27774: Credential leak on redirect↗2022-04-27

▶