CVE-2022-40281EPSS p39.4%
CVE-2022-40281CVE-2022-40281
samsung / tizenrt
Description
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.
Scoring
| CVSS | 7.5 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| EPSS | 0.51% probability of exploitation · percentile 39.4% · 2026-06-19T12:03:05Z |
| Last modified | 2026-06-17 |