CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
Percentile
50.8%
The cURL command line utility vulnerability is related to how cookies with control codes (byte values less than 32) are processed.
codes (byte values less than 32). Exploitation of the vulnerability could allow an attacker acting remotely to send a cookie containing such control codes to a remote user.
remotely to send a cookie containing control codes that would cause the server to return a response of
400, effectively allowing a โsister siteโ to deny service to related sites