Dear Friends,
Do let me know if you have come across the CVE-2022-32221 vulnerability in Apigee private cloud.
Details given below:
A vulnerability was found in curl. The issue occurs when doing http(s) transfers, where curl might erroneously use the read callback (`curlopt_readfunction`) to ask for data to send, even when the `curlopt_postfields` option has been set if it previously used the same handle to issue a `put` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `post` request. ( ( CVE-2022-32221 (https://access.redhat.com/security/cve/CVE-2022-32221)) a vulnerability was found in curl.
Thanks in advance for helping.
Solved! Go to Solution.
I would highly recommend that you reach out to the Apigee Support team, file a case and they can properly advise you on CVE and fixes.
I would highly recommend that you reach out to the Apigee Support team, file a case and they can properly advise you on CVE and fixes.