CVE-2022-27780: SSRF

First published: Thu Jun 02 2022(Updated: )

The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more.

Credit: support@hackerone.com support@hackerone.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/first-publish-date
• agent/weakness
• agent/severity
• agent/references
• agent/description
• agent/event
• agent/last-modified-date
• agent/author
• agent/softwarecombine
• agent/tags
• collector/nvd-index
• agent/software-canonical-lookup-request
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• vendor/haxx
• canonical/haxx curl
• version/haxx curl/7.80.0
• vendor/netapp
• canonical/netapp hci bootstrap os
• canonical/netapp hci compute node
• canonical/netapp clustered data ontap
• canonical/netapp solidfire\, enterprise sds \& hci storage node
• canonical/netapp solidfire \& hci management node
• canonical/netapp h410s firmware
• canonical/netapp h410s
• canonical/netapp h700s firmware
• canonical/netapp h700s
• canonical/netapp h500s firmware
• canonical/netapp h500s
• canonical/netapp h300s firmware
• canonical/netapp h300s
• vendor/splunk
• canonical/splunk universal forwarder
• version/splunk universal forwarder/8.2.0
• version/splunk universal forwarder/9.0.0
• version/splunk universal forwarder/9.1.0