PT-2022-4990 · Curl+10

Haxatron1 · Published 2022-06-26 · Updated 2026-05-18 · CVE-2022-35252

CVSS v3.1: 3.7 (Low)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions: cURL (curl and libcurl) versions prior to 7.85.0 (4.9 up to and including 7.84.0).
Description: When curl's cookie engine is enabled (it is off unless a cookie file or jar is configured), curl's cookie parser performed insufficient input validation on cookies received from an HTTP(S) server. A Set-Cookie header whose name or value contained control codes (byte values below 32, i.e. 0x20) was accepted and stored, and that cookie was then sent back in the Cookie request header on later requests to matching hosts. A strict origin server rejects such a request with 400 Bad Request, so a remote attacker who can set a cookie denies the curl user service on every host the cookie is sent to. Because a cookie can be scoped to a parent domain, a "sister site" (any host able to set cookies for that domain) can deny service to all of its sibling sites. curl itself does not crash, and there is no confidentiality or integrity impact, which the CVSS vector reflects (A:L only).
Recommendations: Upgrade to curl 7.85.0 or later, or to a distribution build that carries the backported fix (see the vendor advisories under Related Identifiers); from 7.85.0 curl rejects incoming cookies whose name or value contains control bytes. If upgrading is not immediately possible: do not enable curl's cookie engine (-b/-c on the command line, CURLOPT_COOKIEFILE/CURLOPT_COOKIEJAR in libcurl) against servers you do not trust, and, where an application manages its own cookie jar, drop or sanitize any stored cookie whose name or value contains a byte below 0x20 before it is loaded.
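The following is an added example written for this page, not curl's own code. It shows the two behaviours side by side: a minimal Set-Cookie parser that stores whatever the server sent (pre-7.85.0 behaviour) and the same parser refusing cookies whose name or value carries a control byte (the class of bytes 0x01..0x1f except HTAB, plus 0x7f, that curl 7.85.0 started rejecting), then the Cookie request header each jar would produce for a sibling site. The parser, the `struct cookie` type, the `stored_cookies` scenario and both Set-Cookie sample lines are this example's own simplifications; real cookie handling (domain and path matching, expiry, attributes) is omitted, and whether a given server answers 400 is the server's decision, not something the code can observe offline.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define COOKIE_MAX 256

struct cookie {
  char name[COOKIE_MAX];
  char value[COOKIE_MAX];
};

/* True if p holds a byte in the control range that RFC 6265 cookie-octet
 * never allows: 0x01..0x1f except HTAB (0x09), plus DEL (0x7f).  This is the
 * same class of bytes curl 7.85.0 rejects; the table here is the example's
 * own, not copied from curl. */
static bool invalid_octets(const char *p)
{
  static const char badoctets[] =
    "\x01\x02\x03\x04\x05\x06\x07\x08\x0a"
    "\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14"
    "\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x7f";
  size_t len = strcspn(p, badoctets);   /* length of the clean prefix */
  return p[len] != '\0';
}

/* Parse one Set-Cookie header value ("name=value; Path=/; ...") into out.
 * reject_control=true models 7.85.0+ (drop cookies whose name or value has a
 * control byte); false models pre-7.85.0 (store whatever was received).
 * Returns 0 when the cookie is stored, -1 when it is refused. */
static int parse_set_cookie(const char *hdr, bool reject_control,
                            struct cookie *out)
{
  const char *eq = strchr(hdr, '=');
  const char *end;
  size_t nlen, vlen;

  if(!eq || eq == hdr)
    return -1;                          /* not a name=value pair */
  end = strchr(eq, ';');                /* attributes begin at the first ';' */
  if(!end)
    end = hdr + strlen(hdr);
  nlen = (size_t)(eq - hdr);
  vlen = (size_t)(end - eq - 1);
  if(nlen >= COOKIE_MAX || vlen >= COOKIE_MAX)
    return -1;                          /* oversized: refuse, never truncate */
  memcpy(out->name, hdr, nlen);
  out->name[nlen] = '\0';
  memcpy(out->value, eq + 1, vlen);
  out->value[vlen] = '\0';
  if(reject_control &&
     (invalid_octets(out->name) || invalid_octets(out->value)))
    return -1;
  return 0;
}

/* Build the Cookie request header a later request would carry and report
 * whether it still contains a control byte, i.e. whether a strict origin
 * server can be expected to answer 400 Bad Request. */
static bool cookie_header_is_poisoned(const struct cookie *c,
                                      char *buf, size_t buflen)
{
  snprintf(buf, buflen, "Cookie: %s=%s", c->name, c->value);
  return invalid_octets(buf);
}

/* Constructed samples: one cookie from the site the user wants, and one a
 * sister site under the same parent domain planted with a 0x01 byte. */
static const char *const SAMPLE_GOOD = "sid=abc123; Path=/; HttpOnly";
static const char *const SAMPLE_BAD  = "tracker=x\x01y; Domain=example.com";

/* Number of cookies the jar holds for a request to the sibling site under
 * the given policy; *poisoned tells whether that request carries a control
 * byte in its Cookie header. */
static int stored_cookies(bool reject_control, bool *poisoned)
{
  struct cookie jar[2];
  char hdr[2 * COOKIE_MAX + 16];
  int n = 0;
  *poisoned = false;
  if(parse_set_cookie(SAMPLE_GOOD, reject_control, &jar[n]) == 0)
    n++;
  if(parse_set_cookie(SAMPLE_BAD, reject_control, &jar[n]) == 0)
    n++;
  for(int i = 0; i < n; i++)
    if(cookie_header_is_poisoned(&jar[i], hdr, sizeof hdr))
      *poisoned = true;
  return n;
}

int main(void)
{
  bool poisoned;
  int n = stored_cookies(false, &poisoned);
  printf("pre-7.85.0 : %d cookies stored, request poisoned: %s\n",
         n, poisoned ? "yes (expect 400)" : "no");
  n = stored_cookies(true, &poisoned);
  printf("7.85.0+    : %d cookies stored, request poisoned: %s\n",
         n, poisoned ? "yes (expect 400)" : "no");
  return 0;
}
```

With the legacy policy both cookies land in the jar and the Cookie header for the sibling site carries the 0x01 byte, which is the "sister site denies service to all siblings" case from the description; with the rejecting policy only the clean cookie survives. The same `invalid_octets` check is what the workaround in the recommendations means by sanitizing a stored jar before loading it; note that the cookie-octet grammar in RFC 6265 also excludes whitespace, DQUOTE, comma, semicolon and backslash, which this check deliberately does not cover because the advisory concerns control bytes only.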


Weakness Enumeration

Related Identifiers

ALSA-2023:2478
ALSA-2023:2963
ALT-PU-2022-2524
ALT-PU-2022-2588
ALT-PU-2022-2874
AZL-11046
BDU:2022-06193
CESA-2023_2963
CLEANSTART-2026-AY18527
CLEANSTART-2026-BW46578
CLEANSTART-2026-DI23929
CLEANSTART-2026-LQ42192
CLEANSTART-2026-OF85770
CVE-2022-35252
DLA-3288-1
MGASA-2022-0333
OESA-2022-1908
OPENSUSE-SU-2022_3003-1
OPENSUSE-SU-2022_3004-1
OPENSUSE-SU-2024:12293-1
RHSA-2022:8840
RHSA-2023:2478
RHSA-2023:2963
RHSA-2023_2478
RHSA-2023_2963
RHSA-2024:0428
SUSE-SU-2022:3003-1
SUSE-SU-2022:3004-1
SUSE-SU-2022:3005-1
SUSE-SU-2022:3772-1
SUSE-SU-2022:3774-1
SUSE-SU-2022_3003-1
SUSE-SU-2022_3004-1
SUSE-SU-2022_3005-1
USN-5587-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Apple Macos
Red Hat
Red Os
Suse
Ubuntu
Curl