Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2024/01/25 8:12 a.m.5 views

curl: Incorrect handling of control code characters in cookies

A vulnerability found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTPS server, where it accepts cookies using control codes byte values below 32, and also when cookies that contain such control codes are later sent back to an HTTPS server, possibly...

3.7CVSS6.8AI score0.01839EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.4 views

SUSE CVE-2022-32205

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl 7.84.0 stores all of them. A sufficiently large amount of big cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger th...

4.9CVSS7.2AI score0.26915EPSS
Exploits1References44
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.3 views

SUSE CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

3.7CVSS6.7AI score0.01839EPSS
Exploits1References102
OpenVAS
OpenVAS
added 2022/09/05 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2022:3003-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.7CVSS6.2AI score0.01839EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/09/03 12:0 a.m.16 views

openSUSE: Security Advisory for curl (SUSE-SU-2022:3003-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

3.7CVSS6.7AI score0.01839EPSS
Exploits1References2
Rows per page
Query Builder