exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2022-35252

Status Candidate

Overview

When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.

Related Files

Red Hat Security Advisory 2024-0428-03
Posted Jan 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0428-03 - An update for curl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2022-35252
SHA-256 | d58d2a2dbc37e85d4cd1ee28bfbecd467ec0bfb9454c68b2dfa53339736160ff
Red Hat Security Advisory 2023-4576-01
Posted Aug 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4576-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2022-35252, CVE-2022-36227, CVE-2022-43552, CVE-2023-0361, CVE-2023-1667, CVE-2023-2283, CVE-2023-24329, CVE-2023-26604, CVE-2023-27535, CVE-2023-3089, CVE-2023-38408
SHA-256 | b9b138ef5ed2017d1d6071fb95c69743b0800e58f2f41055d4d6bcb0d2caee06
Red Hat Security Advisory 2023-4488-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4488-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2020-24736, CVE-2022-27191, CVE-2022-30629, CVE-2022-35252, CVE-2022-36227, CVE-2022-43552, CVE-2023-0361, CVE-2023-1667, CVE-2023-2283, CVE-2023-25173, CVE-2023-26604, CVE-2023-27535
SHA-256 | 252acb6439c37d57d435d183f3aa4787523afbcaecc3e6fbfba5f267fd67ba49
Red Hat Security Advisory 2023-2963-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2963-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include file download and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2022-35252, CVE-2022-43552
SHA-256 | 006feb222afe5b1a95cbfec0de94409663f53491d7e4f71e806fdb198dcc2aea
Red Hat Security Advisory 2023-2478-01
Posted May 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2478-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a use-after-free vulnerability.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2022-35252, CVE-2022-43552
SHA-256 | e0f7c563d598654703d33220bd560353f3a8ce8b120fd69ae0599bb9c0ed485a
Apple Security Advisory 2023-01-23-6
Posted Jan 24, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-01-23-6 - macOS Big Sur 11.7.3 addresses buffer overflow, bypass, and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-35252, CVE-2023-23497, CVE-2023-23499, CVE-2023-23505, CVE-2023-23508, CVE-2023-23513, CVE-2023-23517, CVE-2023-23518
SHA-256 | aac95eb2a84296b6abbfaf3eadfc9a29430c5a2f313ef8710e3d5be26cb06bdb
Apple Security Advisory 2023-01-23-5
Posted Jan 24, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-01-23-5 - macOS Monterey 12.6.3 addresses buffer overflow, bypass, code execution, and information leakage vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-32221, CVE-2022-32915, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2023-23493, CVE-2023-23497, CVE-2023-23499, CVE-2023-23502, CVE-2023-23504, CVE-2023-23505, CVE-2023-23507, CVE-2023-23508
SHA-256 | 86dd9b786a0318174acd539801f6e3fe6a86591529277185d71eb7e9e3237c4d
Ubuntu Security Notice USN-5587-1
Posted Sep 2, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5587-1 - Axel Chong discovered that when curl accepted and sent back cookies containing control bytes that a HTTP server might return a 400 response. A malicious cookie host could possibly use this to cause denial-of-service.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2022-35252
SHA-256 | 783a742776e8641f029cc9092320eefeccee3992879f509b5e40616d136ea495
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close