CVE-2022-32207

EPSS 0.20% · P42 Updated Apr 29, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-32207

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

业务逻辑错误

Source: NVD (National Vulnerability Database)

Vulnerability Title

curl 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

curl是一款用于从服务器传输数据或向服务器传输数据的工具。 curl 7.69.0版本到7.83.1版本存在安全漏洞，该漏洞源于在重命名操作中curl会意外夸大目标文件的权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	https://github.com/curl/curl	Fixed in 7.84.0	-

II. Public POCs for CVE-2022-32207

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-32207

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-07-07 · 32 CVEs total

CVE-2022-31854		Codoforum 代码问题漏洞
CVE-2022-1245		Red Hat Keycloak 安全漏洞
CVE-2022-32061		Snipe-IT 跨站脚本漏洞
CVE-2021-29281		GFI Mail Archiver 代码问题漏洞
CVE-2021-35283		atoms183 CMS SQL注入漏洞
CVE-2022-33098		Magnolia CMS 跨站脚本漏洞
CVE-2021-31645		glFTPd 安全漏洞
CVE-2015-5298		Jenkins Plugin Google Login 授权问题漏洞
CVE-2022-32058		TP-LINK TL-WR741N和TP-LINK TL-WR742N 安全漏洞
CVE-2022-32056		Online Accreditation Management SQL注入漏洞
CVE-2022-32055		Nesote Technologies Inout Homestay SQL注入漏洞
CVE-2022-32054		Tenda AC10 操作系统命令注入漏洞
CVE-2015-5236		icedtea-web 数据伪造问题漏洞
CVE-2022-23744		Check Point Endpoint Security Client 安全漏洞
CVE-2021-46825		Symantec Advanced Secure Gateway 环境问题漏洞
CVE-2022-32441		Hex Rays Ida Pro 缓冲区错误漏洞
CVE-2022-32060		Snipe-IT 跨站脚本漏洞
CVE-2015-1784		WordPress plugin nextgen-galery 代码问题漏洞
CVE-2015-1785		WordPress plugin nextgen-galery 跨站请求伪造漏洞
CVE-2015-3207		Red Hat OpenShift 安全漏洞

Showing top 20 of 32 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: https://github.com/curl/curl

Same vendor: n/a

Same weakness: CWE-840

V. Comments for CVE-2022-32207

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-32207

I. Basic Information for CVE-2022-32207

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-32207

III. Intelligence Information for CVE-2022-32207

Same Patch Batch · n/a · 2022-07-07 · 32 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-32207

Leave a comment