CVE-2022-27775: 
Splunk Forwarder vulnerability analysis and mitigation

An information disclosure vulnerability (CVE-2022-27775) was discovered in curl versions 7.65.0 to 7.82.0. The vulnerability was introduced in May 2019 and was reported by Harry Sintonen on April 21, 2022. The issue affects the connection pool reuse mechanism when handling IPv6 addresses with different zone IDs (Curl Advisory).

The vulnerability stems from errors in the connection pool matching logic where the IPv6 address zone ID was not properly taken into account. This could lead to libcurl reusing the wrong connection when one transfer uses a zone ID and a subsequent transfer uses another (or no) zone ID. The issue only affects non-global scoped IPv6 addresses specified numerically. The vulnerability has been assigned a CVSS score of 7.5 (High) with the vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (NVD, NetApp Advisory).

When successfully exploited, this vulnerability could lead to the disclosure of sensitive information by allowing an attacker to reuse incorrect connections, potentially exposing data to unauthorized parties (Curl Advisory, NetApp Advisory).

The vulnerability was fixed in curl version 7.83.0, released on April 27, 2022. Users are recommended to upgrade to this version or later. For those unable to upgrade immediately, a workaround is to avoid using non-global numerical IPv6 addresses in URLs to curl (Curl Advisory).