3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
6.5 Medium
AI Score
Confidence
Low
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
50.2%
Axel Chong discovered that when curl accepted and sent back
cookies containing control bytes that a HTTP(S) server might
return a 400 (Bad Request Error) response. A malicious cookie
host could possibly use this to cause denial-of-service.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 22.04 | noarch | libcurl3-gnutls | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | curl | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | curl-dbgsym | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | libcurl3-gnutls-dbgsym | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | libcurl3-nss | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | libcurl3-nss-dbgsym | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | libcurl4 | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | libcurl4-dbgsym | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | libcurl4-doc | < 7.81.0-1ubuntu1.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | libcurl4-gnutls-dev | < 7.81.0-1ubuntu1.4 | UNKNOWN |
3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
6.5 Medium
AI Score
Confidence
Low
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
50.2%