CVE-2022-35252: Input Validation
First published: Tue Aug 23 2022(Updated: )
A vulnerability found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTP(S) server, where it accepts cookies using control codes (byte values below 32), and also when cookies that contain such control codes are later sent back to an HTTP(S) server, possibly causing the server to return a 400 response. This issue effectively allows a "sister site" to deny service to siblings and cause a denial of service attack.
Credit: support@hackerone.com CVE-2022-35252 CVE-2022-35252 CVE-2022-35252 support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/jbcs-httpd24-curl | <0:7.86.0-2.el8 | 0:7.86.0-2.el8 |
| redhat/jbcs-httpd24-curl | <0:7.86.0-2.el7 | 0:7.86.0-2.el7 |
| redhat/curl | <0:7.61.1-30.el8 | 0:7.61.1-30.el8 |
| redhat/curl | <0:7.76.1-23.el9 | 0:7.76.1-23.el9 |
| redhat/curl | <7.85.0 | 7.85.0 |
| Apple macOS Monterey | <12.6.3 | 12.6.3 |
| curl | <7.85.0 | |
| NetApp Clustered Data ONTAP | ||
| Netapp Element Software | ||
| Netapp Hci Management Node | ||
| Netapp Solidfire | ||
| All of | ||
| Netapp Bootstrap Os | ||
| Netapp Hci Compute Node | ||
| All of | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| All of | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| All of | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| All of | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| Apple macOS | >=11.0<11.7.3 | |
| Apple macOS | >=12.0.0<12.6.3 | |
| Debian Debian Linux | =10.0 | |
| Splunk Universal Forwarder | >=8.2.0<8.2.12 | |
| Splunk Universal Forwarder | >=9.0.0<9.0.6 | |
| Splunk Universal Forwarder | =9.1.0 | |
| Netapp Bootstrap Os | ||
| Netapp Hci Compute Node | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| Apple macOS | <11.7.3 | 11.7.3 |
| Apple macOS | <13.1 | 13.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2022-35252 https://nvd.nist.gov/vuln/detail/CVE-2022-35252
- https://bugzilla.redhat.com/show_bug.cgi?id=2120718
- https://access.redhat.com/errata/RHSA-2022:8840
- https://access.redhat.com/errata/RHSA-2023:2963
- https://access.redhat.com/errata/RHSA-2023:2478
- https://access.redhat.com/errata/RHSA-2022:8841
- https://access.redhat.com/security/cve/cve-2022-35252
- http://seclists.org/fulldisclosure/2023/Jan/20
- http://seclists.org/fulldisclosure/2023/Jan/21
- https://hackerone.com/reports/1613943
- https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html
- https://security.gentoo.org/glsa/202212-01
- https://security.netapp.com/advisory/ntap-20220930-0005/
- https://support.apple.com/kb/HT213603
- https://support.apple.com/kb/HT213604
- https://support.apple.com/en-us/HT213532 (Advisory)
- https://support.apple.com/en-us/HT213604 (Advisory)
- https://support.apple.com/en-us/HT213603 (Advisory)
- https://curl.se/docs/CVE-2022-35252.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2122881
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2122882
- https://access.redhat.com/errata/RHSA-2024:0428
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-23499
- CVE-2022-42915
- CVE-2022-42916
- CVE-2022-32221
- CVE-2022-35260
- CVE-2022-35252
- CVE-2023-23513
- CVE-2023-23493
- CVE-2022-32915
- CVE-2023-23507
- CVE-2023-23516
- CVE-2023-23504
- CVE-2023-23502
- CVE-2022-42834
- CVE-2023-23497
- CVE-2023-23505
- CVE-2023-27931
- CVE-2023-23511
- CVE-2023-23518
- CVE-2023-23517
- CVE-2023-23508
- CVE-2022-42843
- CVE-2022-42858
- CVE-2022-42847
- CVE-2022-42865
- CVE-2022-42854
- CVE-2022-42853
- CVE-2022-42859
- CVE-2022-32942
- CVE-2022-46720
- CVE-2022-46710
- CVE-2022-46693
- CVE-2022-42864
- CVE-2022-46690
- CVE-2022-46697
- CVE-2022-42837
- CVE-2022-46689
- CVE-2022-46701
- CVE-2022-42842
- CVE-2022-42861
- CVE-2022-42845
- CVE-2022-48618
- CVE-2022-42839
- CVE-2022-46716
- CVE-2022-46704
- CVE-2022-32943
- CVE-2022-42840
- CVE-2022-42855
- CVE-2022-42862
- CVE-2022-24836
- CVE-2022-29181
- CVE-2022-46695
- CVE-2022-46718
- CVE-2022-46703
- CVE-2022-42866
- CVE-2022-32919
- CVE-2022-46725
- CVE-2022-46705
- CVE-2022-42867
- CVE-2022-46691
- CVE-2022-46692
- CVE-2022-42852
- CVE-2022-46696
- CVE-2022-46700
- CVE-2022-46698
- CVE-2022-46699
- CVE-2022-42863
- CVE-2022-42856
- CVE-2022-42841
Frequently Asked Questions
What is the vulnerability ID for this security flaw?
The vulnerability ID for this security flaw is CVE-2022-35252.
What is the severity of CVE-2022-35252?
The severity of CVE-2022-35252 is low with a CVSS score of 3.1.
Which software versions are affected by CVE-2022-35252?
The affected software versions are curl 7.85.0, jbcs-httpd24-curl 0:7.86.0-2.el8, jbcs-httpd24-curl 0:7.86.0-2.el7, curl 0:7.61.1-30.el8, curl 0:7.76.1-23.el9, macOS Big Sur 11.7.3, and macOS Monterey 12.6.3.
How can I fix the vulnerability?
To fix the vulnerability, update curl to version 7.85.0 or higher.
Where can I find more information about CVE-2022-35252?
You can find more information about CVE-2022-35252 at the following references: [Link 1](https://support.apple.com/en-us/HT213603), [Link 2](https://support.apple.com/en-us/HT213604), [Link 3](https://curl.se/docs/CVE-2022-35252.html).
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/description
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-35252
- agent/software-canonical-lookup
- agent/references
- agent/author
- collector/apple-support
- source/Apple
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- agent/source
- package-manager/redhat
- vendor/apple
- canonical/apple macos monterey
- vendor/haxx
- canonical/curl
- vendor/netapp
- canonical/netapp clustered data ontap
- canonical/netapp element software
- canonical/netapp hci management node
- canonical/netapp solidfire
- canonical/netapp bootstrap os
- canonical/netapp hci compute node
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h700s firmware
- canonical/netapp h700s
- canonical/netapp h410s firmware
- canonical/netapp h410s
- canonical/apple macos
- version/apple macos/11.0
- version/apple macos/12.0.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- vendor/splunk
- canonical/splunk universal forwarder
- version/splunk universal forwarder/8.2.0
- version/splunk universal forwarder/9.0.0
- version/splunk universal forwarder/9.1.0