KurohiroH1:1753224

HistoryOct 27, 2022 - 3:19 p.m.

Internet Bug Bounty: CVE-2022-35260: .netrc parser out-of-bounds access

2022-10-2715:19:47

kurohiro

hackerone.com

internet bug bounty

cve-2022-35260

.netrc parser

out-of-bounds access

denial-of-service

bugbounty

0.002 Low

EPSS

Percentile

52.1%

JSON

Original Report:https://hackerone.com/reports/1721098

Impact

If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.

nvd

CVE-2022-35260

2022-12-05 22:15:10

prion

Stack overflow

2022-12-05 22:15:00

cve

CVE-2022-35260

2022-12-05 22:15:10

cvelist

CVE-2022-35260

2022-12-05 00:00:00

veracode

Denial Of Service (DoS)

2022-10-26 11:37:04

hackerone

curl: CVE-2022-35260: .netrc parser out-of-bounds access

2022-10-03 16:14:04

debiancve

CVE-2022-35260

2022-12-05 22:15:10

redhatcve

CVE-2022-35260

2022-10-26 17:23:37

cbl_mariner

CVE-2022-35260 affecting package tensorflow for versions less than 2.16.1-1

2024-04-17 22:02:46

osv

CVE-2022-35260

2022-12-05 22:15:10

.netrc parser out-of-bounds access

2022-10-26 08:00:00

curl vulnerabilities

2022-10-26 17:28:24

ubuntucve

CVE-2022-35260

2022-10-26 00:00:00

alpinelinux

CVE-2022-35260

2022-12-05 22:15:10

redos

ROS-20221222-02

2022-12-22 00:00:00

nessus

FreeBSD : curl -- multiple vulnerabilities (0f99a30c-7b4b-11ed-9168-080027f5fec9)

2022-12-13 00:00:00

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : curl vulnerabilities (USN-5702-1)

2022-10-26 00:00:00

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2022-299-01)

2022-10-27 00:00:00

openvas

Slackware: Security Advisory (SSA:2022-299-01)

2022-10-27 00:00:00

Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpujan2023) - Windows

2023-01-19 00:00:00

Fedora: Security Advisory for curl (FEDORA-2022-01ffde372c)

2022-10-31 00:00:00

fedora

[SECURITY] Fedora 35 Update: curl-7.79.1-7.fc35

2022-11-10 16:21:52

[SECURITY] Fedora 37 Update: curl-7.85.0-2.fc37

2022-11-10 22:54:26

[SECURITY] Fedora 36 Update: curl-7.82.0-9.fc36

2022-10-30 21:00:40

ibm

Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC

2023-03-14 16:08:54

Security Bulletin: IBM QRadar Wincollect agent is vulnerable to using components with know vulnerabilities

2022-12-05 19:19:10

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7

2023-04-25 08:12:52

amazon

Medium: curl

2022-12-01 20:31:00

slackware

[slackware-security] curl

2022-10-27 02:30:21

freebsd

curl -- multiple vulnerabilities

2022-10-26 00:00:00

cloudfoundry

USN-5702-1: curl vulnerabilities | Cloud Foundry

2023-05-18 00:00:00

ubuntu

curl vulnerabilities

2022-10-26 00:00:00

photon

Important Photon OS Security Update - PHSA-2022-3.0-0480

2022-10-29 00:00:00

Critical Photon OS Security Update - PHSA-2022-0533

2022-10-28 00:00:00

Critical Photon OS Security Update - PHSA-2022-0271

2022-10-28 00:00:00

ics

Siemens SINEC NMS Third-Party

2023-05-11 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

apple

About the security content of macOS Monterey 12.6.3

2023-01-23 00:00:00

About the security content of macOS Ventura 13.2

2023-01-23 00:00:00

gentoo

curl: Multiple Vulnerabilities

2022-12-19 00:00:00

oracle

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Internet Bug Bounty: CVE-2022-35260: .netrc parser out-of-bounds access

Impact

Related