CVE-2022-42915

CWE-41513 documents12 sources

Severity

8.1HIGH

EPSS

0.5%

top 35.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Haxx Curl Splunk Universal Forwarder +1 more

Timeline

PublishedOct 29

Latest updateFeb 14

Description

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this co…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages4 packages

▶NVDhaxx/curl7.77.0 — 7.86.0

▶Debiancurl< 7.86.0-1+2

▶NVDapple/macos12.0.0 — 12.6.3+1

▶NVDsplunk/universal_forwarder8.2.0 — 8.2.12+2

Also affects: Fedora 35, 36, 37

🔴Vulnerability Details

GHSA

GHSA-98w6-hw73-ph8m: curl before 7↗2022-10-30

▶

OSV

CVE-2022-42915: curl before 7↗2022-10-29

▶

CVEList

CVE-2022-42915: curl before 7↗2022-10-29

▶

📋Vendor Advisories

Apple

CVE-2022-42915: macOS Ventura 13.2↗2023-01-23

▶

Apple

CVE-2022-42915: macOS Monterey 12.6.3↗2023-01-23

▶

Oracle

Oracle Oracle Essbase Risk Matrix: Infrastructure (cURL) — CVE-2022-42915↗2023-01-15

▶

Red Hat

curl: HTTP proxy double-free↗2022-10-26

▶

Ubuntu

curl vulnerabilities↗2022-10-26

▶

🕵️Threat Intelligence

Trailofbits

cURL audit: How a joke led to significant findings↗2023-02-14

▶

💬Community

HackerOne

CVE-2022-42915: HTTP proxy double-free↗2022-11-26

▶