CVSS: 3.7EPSS: 0%CPEs: 21EXPL: 1CVE-2022-35252 – curl: Incorrect handling of control code characters in cookies
https://notcve.org/view.php?id=CVE-2022-35252
02 Sep 2022 — When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings. Cuando curl es usado para recuperar y analizar las cookies de un servidor HTTP(S), acepta las cookies usando códigos de control que cuando son enviados de vuelta a un servidor HTTP podrían hacer que el servidor devolviera respuestas 400. En efe... • http://seclists.org/fulldisclosure/2023/Jan/20 • CWE-20: Improper Input Validation CWE-1286: Improper Validation of Syntactic Correctness of Input •
CVSS: 6.5EPSS: 0%CPEs: 33EXPL: 2CVE-2022-32206 – curl: HTTP compression denial of service
https://notcve.org/view.php?id=CVE-2022-32206
28 Jun 2022 — curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memo... • https://github.com/HimanshuS67/external_curl_AOSP10_CVE-2022-32206 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.9EPSS: 0%CPEs: 22EXPL: 1CVE-2022-32208 – curl: FTP-KRB bad message verification
https://notcve.org/view.php?id=CVE-2022-32208
28 Jun 2022 — When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. Cuando curl versiones anteriores a 7.84.0, hace transferencias FTP aseguradas por krb5, maneja inapropiadamente los fallos de verificación de mensajes. Este fallo hace posible que un ataque de tipo Man-In-The-Middle pase desapercibido e incluso permite inyectar datos al cliente A vu... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-787: Out-of-bounds Write CWE-840: Business Logic Errors CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVSS: 5.7EPSS: 0%CPEs: 20EXPL: 1CVE-2022-27774 – curl: credential leak on redirect
https://notcve.org/view.php?id=CVE-2022-27774
01 Jun 2022 — An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. Una vulnerabilidad de credenciales insuficientemente protegidas se presenta en curl versión 4.9 a e incluyen curl versión 7.82.0 están afectados que podría permitir a un atacante para extraer cred... • https://hackerone.com/reports/1543773 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 1CVE-2022-27776 – curl: auth/cookie leak on redirect
https://notcve.org/view.php?id=CVE-2022-27776
01 Jun 2022 — A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. Una vulnerabilidad de credenciales insuficientemente protegidas fijada en curl versión 7.83.0, podría filtrar datos de autenticación o de encabezados de cookies en redireccionamientos HTTP al mismo host pero con otro número de puerto A vulnerability was found in curl. This security flaw allows leak authentication or cookie he... • https://hackerone.com/reports/1547048 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 1CVE-2022-27781 – curl: CERTINFO never-ending busy-loop
https://notcve.org/view.php?id=CVE-2022-27781
11 May 2022 — libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. libcurl proporciona la opción "CURLOPT_CERTINFO" para permitir que las aplicaciones soliciten que se devuelvan detalles sobre la cadena de certificados de un servidor. Debido a una función errónea, un servidor mali... • https://hackerone.com/reports/1555441 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-27782 – curl: TLS and SSH connection too eager reuse
https://notcve.org/view.php?id=CVE-2022-27782
11 May 2022 — libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. libcurl reusaba una conexión creada previamente incluso cuando había sido cambiada una opción relacionada con TLS o SSH que d... • http://www.openwall.com/lists/oss-security/2023/03/20/6 • CWE-295: Improper Certificate Validation CWE-840: Business Logic Errors •
CVSS: 5.3EPSS: 0%CPEs: 45EXPL: 1CVE-2021-22925 – curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure
https://notcve.org/view.php?id=CVE-2021-22925
22 Jul 2021 — curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly when... • http://seclists.org/fulldisclosure/2021/Sep/39 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-908: Use of Uninitialized Resource •
CVSS: 3.1EPSS: 0%CPEs: 18EXPL: 2CVE-2021-22898 – curl: TELNET stack contents disclosure
https://notcve.org/view.php?id=CVE-2021-22898
26 May 2021 — curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol. curl versiones 7.7 hasta 7.76.1 suf... • http://www.openwall.com/lists/oss-security/2021/07/21/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-908: Use of Uninitialized Resource CWE-909: Missing Initialization of Resource •
CVSS: 4.3EPSS: 0%CPEs: 72EXPL: 0CVE-2020-8284 – curl: FTP PASV command response can cause curl to connect to arbitrary host
https://notcve.org/view.php?id=CVE-2020-8284
09 Dec 2020 — A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. Un servidor malicioso puede usar la respuesta FTP PASV para engañar a curl versiones 7.73.0 y anteriores, para que se conecte de nuevo a una dirección IP y puerto determinados, y de esta manera pot... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •