5 matches found

AstraLinux
added last week, 5 views

Astra Linux – Vulnerability in curl

When curl is used to retrieve and parse cookies from an HTTPS server, it accepts cookies using control codes that, when sent back to an HTTP server later, may cause the server to return 400 responses. This effectively allows a “sister site” to deny service to all other sibling sites...

3.7 CVSS, 6.4 AI score, 0.01788 EPSS
Exploits: 1, References: 2

RedHat Linux
added 2023/05/09 9:51 a.m., 4 views

curl: Incorrect handling of control code characters in cookies

A vulnerability was found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTPS server, where it accepts cookies using control codes (byte values below 32), and also when cookies that contain such control codes are later sent back to an HTTPS server, possibly...

3.7 CVSS, 6.8 AI score, 0.01788 EPSS
Exploits: 1, References: 4

Redos
added 2022/10/07 12:0 a.m., 4 views

ROS-20221007-21

The cURL command line utility vulnerability is related to how cookies with control codes (byte values less than 32) are handled. Exploitation of the vulnerability could allow an attacker acting remotely to send a cookie containing such control codes to a remote user...

3.7 CVSS, 7.2 AI score, 0.01788 EPSS
Exploits: 1

curl security advisories
added 2022/08/31 8:0 a.m., 5 views

control code in cookie denial of service

When curl retrieves and parses cookies from an HTTPS server, it accepts cookies using control codes (byte values below 32). When cookies that contain such control codes are later sent back to an HTTPS server, it might make the server return a 400 response. Effectively allowing a "sister site" to de...

3.7 CVSS, 6.3 AI score, 0.01788 EPSS
Exploits: 1, References: 1, Affected Software: 2

OSV
added 2022/08/31 12:0 a.m., 2 views

UBUNTU-CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...

3.7 CVSS, 6.7 AI score, 0.01788 EPSS
Exploits: 1, References: 5