19 matches found
BELL-CVE-2022-32205 CVE-2022-32205 does not affect BellSoft software
Bulletin has no description...
Siemens SCALANCE XCM332 Allocation of Resources Without Limits or Throttling (CVE-2022-32205)
A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl 7.84.0 stores all of them. A sufficiently large amount of big cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger th...
CBL Mariner 2.0 Security Update: curl (CVE-2022-32205)
The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-32205 advisory. - A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl 7.84...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2890)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)
Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...
Siemens SCALANCE SC-600 Family
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE SC-600 Family Vulnerability: Out-of-bounds Write, Use After Free, Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this...
USN-5495-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.1...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2426)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-32205 affecting package curl for versions less than 7.84.0-1
CVE-2022-32205 affecting package curl for versions less than 7.84.0-1. An upgraded version of the package is available that resolves this issue...
[SECURITY] [DSA 5197-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...
SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2022:2305-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2305-1 advisory. - A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl...
CVE-2022-32205
A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl 7.84.0 stores all of them. A sufficiently large amount of big cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger th...
CVE-2022-32205
CVE-2022-32205 affects curl and can cause denial of service when a malicious server serves a large number of Set-Cookie headers. curl
openSUSE: Security Advisory for curl (SUSE-SU-2022:2305-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:2305-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated curl packages fix security vulnerability
Set-Cookie denial of service. CVE-2022-32205 HTTP compression denial of service. CVE-2022-32206 Unpreserved file permissions. CVE-2022-32207 FTP-KRB bad message verification. CVE-2022-32208...
[slackware-security] curl
New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-7.84.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Set-Cookie denial of service. HTTP...
CVE-2022-32205
A vulnerability was found in curl. This issue occurs because a malicious server can serve excessive amounts of Set-Cookie: headers in an HTTP response to curl, which stores all of them. This flaw leads to a denial of service, either by mistake or by a malicious actor...
Internet Bug Bounty: CVE-2022-32205: Set-Cookie denial of service
A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl stores all of them. A sufficiently large amount of big cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the...