Lucene search
PRIOn knowledge basePRION:CVE-2022-35260HistoryDec 05, 2022 - 10:15 p.m.
Stack overflow
2022-12-0522:15:00
PRIOn knowledge base
www.prio-n.com
10
curl
.netrc file
buffer overflow
denial-of-service
nvd
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.
Related
hackerone
hackerone
curl: CVE-2022-35260: .netrc parser out-of-bounds access
2022-10-03 16:14:04
Internet Bug Bounty: CVE-2022-35260: .netrc parser out-of-bounds access
2022-10-27 15:19:47
debiancve
debiancve
CVE-2022-35260
2022-12-05 22:15:10
redhatcve
redhatcve
CVE-2022-35260
2022-10-26 17:23:37
nvd
nvd
CVE-2022-35260
2022-12-05 22:15:10
cbl_mariner
cbl_mariner
CVE-2022-35260 affecting package tensorflow for versions less than 2.16.1-1
2024-04-17 22:02:46
osv
osv
CVE-2022-35260
2022-12-05 22:15:10
.netrc parser out-of-bounds access
2022-10-26 08:00:00
curl vulnerabilities
2022-10-26 17:28:24
cve
cve
CVE-2022-35260
2022-12-05 22:15:10
cvelist
cvelist
CVE-2022-35260
2022-12-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-10-26 11:37:04
ubuntucve
ubuntucve
CVE-2022-35260
2022-10-26 00:00:00
alpinelinux
alpinelinux
CVE-2022-35260
2022-12-05 22:15:10
redos
redos
ROS-20221222-02
2022-12-22 00:00:00
nessus
nessus
openvas
openvas
Slackware: Security Advisory (SSA:2022-299-01)
2022-10-27 00:00:00
Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpujan2023) - Linux
2023-01-19 00:00:00
Fedora: Security Advisory for curl (FEDORA-2022-39688a779d)
2022-11-11 00:00:00
amazon
amazon
Medium: curl
2022-12-01 20:31:00
fedora
fedora
[SECURITY] Fedora 37 Update: curl-7.85.0-2.fc37
2022-11-10 22:54:26
[SECURITY] Fedora 36 Update: curl-7.82.0-9.fc36
2022-10-30 21:00:40
[SECURITY] Fedora 35 Update: curl-7.79.1-7.fc35
2022-11-10 16:21:52
ibm
ibm
slackware
slackware
[slackware-security] curl
2022-10-27 02:30:21
freebsd
freebsd
curl -- multiple vulnerabilities
2022-10-26 00:00:00
cloudfoundry
cloudfoundry
USN-5702-1: curl vulnerabilities | Cloud Foundry
2023-05-18 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2022-10-26 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0480
2022-10-29 00:00:00
Critical Photon OS Security Update - PHSA-2022-0533
2022-10-28 00:00:00
Critical Photon OS Security Update - PHSA-2022-0271
2022-10-28 00:00:00
ics
ics
Siemens SINEC NMS Third-Party
2023-05-11 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
apple
apple
About the security content of macOS Monterey 12.6.3
2023-01-23 00:00:00
About the security content of macOS Ventura 13.2
2023-01-23 00:00:00
gentoo
gentoo
curl: Multiple Vulnerabilities
2022-12-19 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00