4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
68.1%
A malicious server can serve excessive amounts of Set-Cookie:
headers in
a HTTP response to curl and curl < 7.84.0 stores all of them. A
sufficiently large amount of (big) cookies make subsequent HTTP requests to
this, or other servers to which the cookies match, create requests that
become larger than the threshold that curl uses internally to avoid sending
crazy large requests (1048576 bytes) and instead returns an error.This
denial state might remain for as long as the same cookies are kept, match
and havenโt expired. Due to cookie matching rules, a server on
foo.example.com
can set cookies that also would match for
bar.example.com
, making it it possible for a โsister serverโ to
effectively cause a denial of service for a sibling site on the same second
level domain using this method.
Author | Note |
---|---|
mdeslaur | introduced in 7.71.0 |
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
68.1%