Has anyone come across CVE-2022-32221 in an Apigee installation?

Dear Friends,

Do let me know if you have come across the CVE-2022-32221 vulnerability in Apigee private cloud.

Details given below:

A vulnerability was found in curl. The issue occurs when doing HTTP(S) transfers, where curl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if it previously used the same handle to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. (CVE-2022-32221: https://access.redhat.com/security/cve/CVE-2022-32221)

Thanks in advance for helping. 

1 ACCEPTED SOLUTION

I would highly recommend that you reach out to the Apigee Support team, file a case and they can properly advise you on CVE and fixes.
