Unrated severityNVD Advisory· Published Sep 8, 2022· Updated Aug 3, 2024
CVE-2022-40281
CVE-2022-40281
Description
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Samsung/TizenRTdescription
- Range: <=3.0_GBM (and 3.1_PRE)
Patches
Vulnerability mechanics
References
3- github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/curl/vtls/cyassl.cmitrex_refsource_MISC
- github.com/Samsung/TizenRT/issues/5626mitrex_refsource_MISC
- www.openssl.org/docs/man1.1.1/man3/SSL_get_peer_certificate.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.