libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2022-06-01T00:00:00
Updated: 2024-08-03T05:33:00.192Z
Reserved: 2022-03-23T00:00:00
Link: CVE-2022-27781
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-06-02T14:15:44.467
Modified: 2024-11-21T06:56:10.647
Link: CVE-2022-27781
Redhat