vulnerability
Microsoft Windows: CVE-2022-27776: HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Jul 12, 2022 | Jul 12, 2022 | Nov 11, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Jul 12, 2022
Added
Jul 12, 2022
Modified
Nov 11, 2025
Description
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
Solutions
microsoft-windows-windows_10-1809-kb5015811microsoft-windows-windows_10-20h2-kb5015807microsoft-windows-windows_10-21h1-kb5015807microsoft-windows-windows_10-21h2-kb5015807microsoft-windows-windows_11-21h2-kb5015814microsoft-windows-windows_server_2019-1809-kb5015811microsoft-windows-windows_server_2022-21h2-kb5015827microsoft-windows-windows_server_2022-22h2-kb5015827msft-kb5015807-51c1eea0-5bd0-4188-9068-04cc6177eb33
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.