The cURL command line utility vulnerability is related to how cookies with control codes (byte values less than 32) are processed.
codes (byte values less than 32). Exploitation of the vulnerability could allow an attacker acting remotely to send a cookie containing such control codes to a remote user.
remotely to send a cookie containing control codes that would cause the server to return a response of
400, effectively allowing a “sister site” to deny service to related sites

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64curl< 7.81.0-4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
redos	7.3	x86_64	curl	< 7.81.0-4	UNKNOWN

fedora 3

nessus 53

slackware 1

openvas 30

cvelist 1

hackerone 2

ubuntucve 1

ubuntu 1

ibm 18

alpinelinux 1

veracode 1

osv 6

cloudfoundry 1

suse 2

cbl_mariner 2

mageia 1

nvd 1

prion 1

redhatcve 1

cve 1

debiancve 1

oraclelinux 2

almalinux 2

redhat 10

photon 5

amazon 2

debian 1

ics 5

apple 3

gentoo 1

tenable 1

fedora

[SECURITY] Fedora 35 Update: curl-7.79.1-6.fc35

2022-09-19 01:21:12

[SECURITY] Fedora 37 Update: curl-7.85.0-1.fc37

2022-09-14 00:23:17

[SECURITY] Fedora 36 Update: curl-7.82.0-8.fc36

2022-09-06 10:05:29

nessus

EulerOS 2.0 SP8 : curl (EulerOS-SA-2022-2790)

2022-12-08 00:00:00

Siemens SCALANCE XCM332 Improper Validation of Syntactic Correctness of Input (CVE-2022-35252)

2023-05-02 00:00:00

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2023-1186)

2023-01-10 00:00:00

slackware

[slackware-security] curl

2022-09-01 03:09:16

openvas

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1186)

2023-01-12 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1143)

2023-01-12 00:00:00

openSUSE: Security Advisory for curl (SUSE-SU-2022:3004-1)

2022-09-03 00:00:00

cvelist

CVE-2022-35252

2022-09-23 00:00:00

hackerone

curl: CVE-2022-35252: control code in cookie denial of service

2022-06-26 08:46:53

Internet Bug Bounty: CVE-2022-35252: control code in cookie denial of service

2022-08-31 10:55:50

ubuntucve

CVE-2022-35252

2022-08-31 00:00:00

ubuntu

curl vulnerability

2022-09-01 00:00:00

ibm

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Input Validation in Curl (CVE-2022-35252)

2023-11-01 20:02:09

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in cURL libcurl (CVE-2022-35252)

2023-07-27 17:27:40

Security Bulletin: Vulnerabilities in cURL libcurl, PostgreSQL, PyPI cryptography, Node.js can affect IBM Spectrum Protect Plus

2023-06-20 16:46:31

alpinelinux

CVE-2022-35252

2022-09-23 14:15:12

veracode

Denial Of Service (DoS)

2022-09-01 05:02:48

osv

curl vulnerability

2022-09-01 21:04:02

control code in cookie denial of service

2022-08-31 08:00:00

CVE-2022-35252

2022-09-23 14:15:12

cloudfoundry

USN-5587-1: curl vulnerability | Cloud Foundry

2022-09-29 00:00:00

suse

Security update for curl (low)

2022-09-02 00:00:00

Security update for curl (low)

2022-09-02 00:00:00

cbl_mariner

CVE-2022-35252 affecting package curl for versions less than 7.86.0-1

2022-11-16 02:26:15

CVE-2022-35252 affecting package curl 7.84.0-1

2022-11-24 00:45:35

mageia

Updated curl packages fix security vulnerability

2022-09-16 22:39:55

nvd

CVE-2022-35252

2022-09-23 14:15:12

prion

Design/Logic Flaw

2022-09-23 14:15:00

redhatcve

CVE-2022-35252

2022-08-31 19:59:52

cve

CVE-2022-35252

2022-09-23 14:15:12

debiancve

CVE-2022-35252

2022-09-23 14:15:12

oraclelinux

curl security and bug fix update

2023-05-24 00:00:00

curl security update

2023-05-15 00:00:00

almalinux

Low: curl security update

2023-05-09 00:00:00

Low: curl security and bug fix update

2023-05-16 00:00:00

redhat

(RHSA-2023:2963) Low: curl security and bug fix update

2023-05-16 05:59:21

(RHSA-2023:2478) Low: curl security update

2023-05-09 05:11:57

(RHSA-2024:0428) Moderate: curl security and bug fix update

2024-01-24 14:40:32

photon

Important Photon OS Security Update - PHSA-2022-0240

2022-09-05 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0240

2022-09-05 00:00:00

Critical Photon OS Security Update - PHSA-2022-0512

2022-09-06 00:00:00

amazon

Medium: curl

2022-10-31 19:40:00

Medium: curl

2022-12-01 17:33:00

debian

[SECURITY] [DLA 3288-1] curl security update

2023-01-28 21:19:47

ics

Siemens SINEC NMS Third-Party

2023-05-11 12:00:00

Siemens SCALANCE XCM332

2023-04-13 12:00:00

Siemens SINAMICS Medium Voltage Products

2023-06-15 12:00:00

apple

About the security content of macOS Big Sur 11.7.3

2023-01-23 00:00:00

About the security content of macOS Monterey 12.6.3

2023-01-23 00:00:00

About the security content of macOS Ventura 13.1

2022-12-13 00:00:00

gentoo

curl: Multiple Vulnerabilities

2022-12-19 00:00:00

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

3.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

50.8%

JSON

Related for ROS-20221007-01