Lucene search
K

19 matches found

OSV
OSV
added 2023/08/31 12:13 p.m.2 views

BELL-CVE-2022-32205 CVE-2022-32205 does not affect BellSoft software

Bulletin has no description...

4.3CVSS5.8AI score0.26915EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.49 views

Siemens SCALANCE XCM332 Allocation of Resources Without Limits or Throttling (CVE-2022-32205)

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl 7.84.0 stores all of them. A sufficiently large amount of big cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger th...

4.3CVSS6.8AI score0.26915EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.66 views

CBL Mariner 2.0 Security Update: curl (CVE-2022-32205)

The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-32205 advisory. - A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl 7.84...

4.3CVSS6.8AI score0.26915EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/12/28 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2890)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.3197EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2022/12/19 12:0 a.m.19 views

Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

9.8CVSS7.4AI score0.3197EPSS
Exploits14References2
ICS
ICS
added 2022/12/13 12:0 a.m.60 views

Siemens SCALANCE SC-600 Family

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE SC-600 Family Vulnerability: Out-of-bounds Write, Use After Free, Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this...

7.8CVSS8.9AI score0.3197EPSS
Exploits3References11
Cloud Foundry
Cloud Foundry
added 2022/12/07 12:0 a.m.35 views

USN-5495-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.1...

9.8CVSS7.8AI score0.3197EPSS
Exploits4Affected Software3
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2426)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.3197EPSS
Exploits4References2
CBLMariner
CBLMariner
added 2022/08/03 9:15 p.m.19 views

CVE-2022-32205 affecting package curl for versions less than 7.84.0-1

CVE-2022-32205 affecting package curl for versions less than 7.84.0-1. An upgraded version of the package is available that resolves this issue...

4.3CVSS7.1AI score0.26915EPSS
Exploits1
Debian
Debian
added 2022/08/01 4:58 p.m.206 views

[SECURITY] [DSA 5197-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...

9.8CVSS8.1AI score0.3197EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.66 views

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2022:2305-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2305-1 advisory. - A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl...

9.8CVSS6.9AI score0.3197EPSS
Exploits4References13
Vulnrichment
Vulnrichment
added 2022/07/07 12:0 a.m.4 views

CVE-2022-32205

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl 7.84.0 stores all of them. A sufficiently large amount of big cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger th...

4.6AI score0.26915EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2022/07/07 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2022:2305-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.3197EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/07 12:0 a.m.31 views

openSUSE: Security Advisory for curl (SUSE-SU-2022:2305-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.9AI score0.3197EPSS
Exploits4References2
CVE
CVE
added 2022/07/07 12:0 a.m.267 views

CVE-2022-32205

CVE-2022-32205 affects curl and can cause denial of service when a malicious server serves a large number of Set-Cookie headers. curl

4.3CVSS6.2AI score0.26915EPSS
Exploits1References9Affected Software1
Mageia
Mageia
added 2022/07/05 7:11 p.m.94 views

Updated curl packages fix security vulnerability

Set-Cookie denial of service. CVE-2022-32205 HTTP compression denial of service. CVE-2022-32206 Unpreserved file permissions. CVE-2022-32207 FTP-KRB bad message verification. CVE-2022-32208...

9.8CVSS1.2AI score0.3197EPSS
Exploits4References6
Slackware Linux
Slackware Linux
added 2022/06/28 7:27 p.m.48 views

[slackware-security] curl

New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-7.84.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Set-Cookie denial of service. HTTP...

9.8CVSS0.3AI score0.3197EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2022/06/28 3:35 a.m.43 views

CVE-2022-32205

A vulnerability was found in curl. This issue occurs because a malicious server can serve excessive amounts of Set-Cookie: headers in an HTTP response to curl, which stores all of them. This flaw leads to a denial of service, either by mistake or by a malicious actor...

5.9CVSS1.8AI score0.26915EPSS
Exploits1References4
Hacker One
Hacker One
added 2022/06/27 7:1 a.m.80 views

Internet Bug Bounty: CVE-2022-32205: Set-Cookie denial of service

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl stores all of them. A sufficiently large amount of big cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the...

4.3CVSS6.9AI score0.26915EPSS
Exploits1
Rows per page
Query Builder