5 matches found
curl: Incorrect handling of control code characters in cookies
A vulnerability found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTPS server, where it accepts cookies using control codes byte values below 32, and also when cookies that contain such control codes are later sent back to an HTTPS server, possibly...
SUSE CVE-2022-32205
A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl 7.84.0 stores all of them. A sufficiently large amount of big cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger th...
SUSE CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
SUSE: Security Advisory (SUSE-SU-2022:3003-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for curl (SUSE-SU-2022:3003-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...