Lucene search

[email protected]CVE-2022-32205

HistoryJul 07, 2022 - 1:15 p.m.

CVE-2022-32205

2022-07-0713:15:08

CWE-770

[email protected]

web.nvd.nist.gov

139

cve-2022-32205

denial of service

http response

set-cookie

curl

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.5%

JSON

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven’t expired. Due to cookie matching rules, a server on foo.example.com can set cookies that also would match for bar.example.com, making it it possible for a “sister server” to effectively cause a denial of service for a sibling site on the same second level domain using this method.

Affected configurations

NVD

Node

haxxcurlRange7.71.0–7.84.0

Node

fedoraprojectfedoraMatch35

Node

debiandebian_linuxMatch11.0

Node

netappclustered_data_ontapMatch-

netappelement_softwareMatch-

netapphci_management_nodeMatch-

netappsolidfireMatch-

Node

netapph300sMatch-

AND

netapph300s_firmwareMatch-

Node

netapph500sMatch-

AND

netapph500s_firmwareMatch-

Node

netapph700sMatch-

AND

netapph700s_firmwareMatch-

Node

netapph410sMatch-

AND

netapph410s_firmwareMatch-

Node

applemacosRange<13.0

Node

siemensscalance_sc622-2c_firmwareRange<3.0

AND

siemensscalance_sc622-2cMatch-

Node

siemensscalance_sc626-2c_firmwareRange<3.0

AND

siemensscalance_sc626-2cMatch-

Node

siemensscalance_sc632-2c_firmwareRange<3.0

AND

siemensscalance_sc632-2cMatch-

Node

siemensscalance_sc636-2c_firmwareRange<3.0

AND

siemensscalance_sc636-2cMatch-

Node

siemensscalance_sc642-2c_firmwareRange<3.0

AND

siemensscalance_sc642-2cMatch-

Node

siemensscalance_sc646-2c_firmwareRange<3.0

AND

siemensscalance_sc646-2cMatch-

Node

splunkuniversal_forwarderRange8.2.0–8.2.12

splunkuniversal_forwarderRange9.0.0–9.0.6

splunkuniversal_forwarderMatch9.1.0

CPENameOperatorVersion
haxx:curlhaxx curllt7.84.0

CPE	Name	Operator	Version
haxx:curl	haxx curl	lt	7.84.0

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "https://github.com/curl/curl",
    "versions": [
      {
        "version": "Fixed in 7.84.0",
        "status": "affected"
      }
    ]
  }
]