CVE-2022-35252

CWE-20 — Improper Input Validation CWE-128615 documents10 sources

Severity

3.7LOW

EPSS

0.3%

top 47.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Haxx Curl Splunk Universal Forwarder +2 more

Timeline

PublishedSep 23

Latest updateJan 23

Description

When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.2 | Impact: 1.4

Affected Packages5 packages

▶CVEListV5https://github.com/curl/curlFixed in curl 7.85.0

▶NVDhaxx/curl< 7.85.0

▶Debiancurl< 7.74.0-1.3+deb11u3+3

▶NVDapple/macos11.0 — 11.7.3+1

▶NVDsplunk/universal_forwarder8.2.0 — 8.2.12+2

Also affects: Debian Linux 10.0

🔴Vulnerability Details

GHSA

GHSA-qc3c-r429-gpgf: When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPse↗2022-09-25

▶

OSV

CVE-2022-35252: When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPse↗2022-09-23

▶

CVEList

CVE-2022-35252: When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPse↗2022-09-23

▶

📋Vendor Advisories

Apple

CVE-2022-35252: macOS Big Sur 11.7.3↗2023-01-23

▶

Apple

CVE-2023-23513: macOS Big Sur 11.7.3↗2023-01-23

▶

Apple

CVE-2022-35252: macOS Monterey 12.6.3↗2023-01-23

▶

Apple

CVE-2023-23513: macOS Monterey 12.6.3↗2023-01-23

▶

Apple

CVE-2022-35252: macOS Ventura 13.1↗2022-12-13

▶

💬Community

HackerOne

CVE-2022-35252: control code in cookie denial of service↗2022-11-05

▶

HackerOne

CVE-2022-35252: control code in cookie denial of service↗2022-08-31

▶