Lucene search

K
osvGoogleOSV:CURL-CVE-2022-32221
HistoryOct 26, 2022 - 8:00 a.m.

POST following PUT confusion

2022-10-2608:00:00
Google
osv.dev
3
libcurl
http
transfer
issue
put
post
endpoint

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

When doing HTTP(S) transfers, libcurl might erroneously use the read callback
(CURLOPT_READFUNCTION) to ask for data to send, even when the
CURLOPT_POSTFIELDS option has been set, if the same handle previously was
used to issue a PUT request which used that callback.

This flaw may surprise the application and cause it to misbehave and either
send off the wrong data or use memory after free or similar in the subsequent
POST request.

The problem exists in the logic for a reused handle when it is changed from a
PUT to a POST.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%