First published: Thu Jul 07 2022(Updated: )
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method.
Credit: support@hackerone.com CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 support@hackerone.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/curl | 7.64.0-4+deb10u2 7.64.0-4+deb10u7 7.74.0-1.3+deb11u9 7.74.0-1.3+deb11u10 7.88.1-10+deb12u3 7.88.1-10+deb12u4 8.4.0-2 | |
Apple macOS Ventura | <13 | 13 |
Haxx Curl | >=7.71.0<7.84.0 | |
Fedoraproject Fedora | =35 | |
Debian Debian Linux | =11.0 | |
NetApp Clustered Data ONTAP | ||
Netapp Element Software | ||
Netapp Hci Management Node | ||
Netapp Solidfire | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
Netapp H410s Firmware | ||
Netapp H410s | ||
Apple macOS | <13.0 | |
Siemens Scalance Sc622-2c Firmware | <3.0 | |
Siemens Scalance Sc622-2c | ||
Siemens Scalance Sc626-2c Firmware | <3.0 | |
Siemens Scalance Sc626-2c | ||
Siemens Scalance Sc632-2c Firmware | <3.0 | |
Siemens Scalance Sc632-2c | ||
Siemens Scalance Sc636-2c Firmware | <3.0 | |
Siemens Scalance Sc636-2c | ||
Siemens Scalance Sc642-2c Firmware | <3.0 | |
Siemens Scalance Sc642-2c | ||
Siemens Scalance Sc646-2c Firmware | <3.0 | |
Siemens Scalance Sc646-2c | ||
All of | ||
Netapp H300s | ||
Netapp H300s Firmware | ||
All of | ||
Netapp H500s | ||
Netapp H500s Firmware | ||
All of | ||
Netapp H700s | ||
Netapp H700s Firmware | ||
All of | ||
Netapp H410s | ||
Netapp H410s Firmware | ||
All of | ||
Siemens Scalance Sc622-2c Firmware | <3.0 | |
Siemens Scalance Sc622-2c | ||
All of | ||
Siemens Scalance Sc626-2c Firmware | <3.0 | |
Siemens Scalance Sc626-2c | ||
All of | ||
Siemens Scalance Sc632-2c Firmware | <3.0 | |
Siemens Scalance Sc632-2c | ||
All of | ||
Siemens Scalance Sc636-2c Firmware | <3.0 | |
Siemens Scalance Sc636-2c | ||
All of | ||
Siemens Scalance Sc642-2c Firmware | <3.0 | |
Siemens Scalance Sc642-2c | ||
All of | ||
Siemens Scalance Sc646-2c Firmware | <3.0 | |
Siemens Scalance Sc646-2c | ||
Splunk Universal Forwarder | >=8.2.0<8.2.12 | |
Splunk Universal Forwarder | >=9.0.0<9.0.6 | |
Splunk Universal Forwarder | =9.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2022-32205 is a vulnerability in curl version 7.84.0 and earlier that allows a malicious server to serve excessive amounts of `Set-Cookie:` headers and store all of them, potentially creating large subsequent HTTP requests.
The vulnerability affects macOS Ventura version up to 13 and curl versions 7.64.0-4+deb10u2, 7.64.0-4+deb10u6, 7.74.0-1.3+deb11u7, 7.88.1-10, 7.88.1-10+deb12u1, 7.88.1-11, and 8.2.1-1 on Debian.
To fix the vulnerability, update curl to version 7.84.0 or later.
You can find more information about CVE-2022-32205 in the official CVE report at https://curl.se/docs/CVE-2022-32205.html.
Yes, you can find the code changes related to CVE-2022-32205 in the curl repository on GitHub at https://github.com/curl/curl/commit/ed35d6590e72c23c568af1e3b8ac6e4e2d883888 and https://github.com/curl/curl/commit/48d7064a49148f03942380967da739dcde1cdc24.