Lucene search

HackeroneCVE-2022-32221

HistoryDec 05, 2022 - 10:15 p.m.

CVE-2022-32221

2022-12-0522:15:10

CWE-200

CWE-668

hackerone

web.nvd.nist.gov

547

cve

libcurl

http transfers

https transfers

read callback

vulnerability

curlopt_readfunction

put request

post request

logic flaw

nvd

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.008

Percentile

81.3%

JSON

When doing HTTP(S) transfers, libcurl might erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent POST request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.

Affected configurations

Nvd

Vulners

Node

haxxcurlRange<7.86.0

Node

netappclustered_data_ontapMatch-

Node

netapph300s_firmwareMatch-

AND

netapph300sMatch-

Node

netapph500s_firmwareMatch-

AND

netapph500sMatch-

Node

netapph700s_firmwareMatch-

AND

netapph700sMatch-

Node

netapph410s_firmwareMatch-

AND

netapph410sMatch-

Node

debiandebian_linuxMatch10.0

debiandebian_linuxMatch11.0

Node

applemacosRange<12.6.3

Node

splunkuniversal_forwarderRange8.2.0–8.2.12

splunkuniversal_forwarderRange9.0.0–9.0.6

splunkuniversal_forwarderMatch9.1.0

VendorProductVersionCPE
haxxcurl*cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*
netappclustered_data_ontap-cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
netapph300s_firmware-cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
netapph300s-cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
netapph500s_firmware-cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
netapph500s-cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
netapph700s_firmware-cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
netapph700s-cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
netapph410s_firmware-cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
netapph410s-cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
haxx	curl	*	cpe:2.3:a:haxx:curl::::::::
netapp	clustered_data_ontap	-	cpe:2.3:a:netapp:clustered_data_ontap:-:::::::*
netapp	h300s_firmware	-	cpe:2.3:o:netapp:h300s_firmware:-:::::::*
netapp	h300s	-	cpe:2.3:h:netapp:h300s:-:::::::*
netapp	h500s_firmware	-	cpe:2.3:o:netapp:h500s_firmware:-:::::::*
netapp	h500s	-	cpe:2.3:h:netapp:h500s:-:::::::*
netapp	h700s_firmware	-	cpe:2.3:o:netapp:h700s_firmware:-:::::::*
netapp	h700s	-	cpe:2.3:h:netapp:h700s:-:::::::*
netapp	h410s_firmware	-	cpe:2.3:o:netapp:h410s_firmware:-:::::::*
netapp	h410s	-	cpe:2.3:h:netapp:h410s:-:::::::*

Rows per page:

1-10 of 151

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "https://github.com/curl/curl",
    "versions": [
      {
        "version": "Fixed in 7.86.0",
        "status": "affected"
      }
    ]
  }
]