Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-35260

curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.

Published

2022-12-05T22:15:10.743

Last Modified

2024-11-21T07:10:59.573

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-125
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	haxx	curl	< 7.86.0	Yes
Application	netapp	clustered_data_ontap	-	Yes
Operating System	netapp	h300s_firmware	-	Yes
Hardware	netapp	h300s	-	No
Operating System	netapp	h500s_firmware	-	Yes
Hardware	netapp	h500s	-	No
Operating System	netapp	h700s_firmware	-	Yes
Hardware	netapp	h700s	-	No
Operating System	netapp	h410s_firmware	-	Yes
Hardware	netapp	h410s	-	No
Operating System	apple	macos	< 12.6.3	Yes
Application	splunk	universal_forwarder	< 8.2.12	Yes
Application	splunk	universal_forwarder	< 9.0.6	Yes
Application	splunk	universal_forwarder	9.1.0	Yes

References

http://seclists.org/fulldisclosure/2023/Jan/19 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2023/Jan/20 Mailing List, Third Party Advisory ([email protected])
https://hackerone.com/reports/1721098 Exploit, Patch, Third Party Advisory ([email protected])
https://security.gentoo.org/glsa/202212-01 Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20230110-0006/ Third Party Advisory ([email protected])
https://support.apple.com/kb/HT213604 Third Party Advisory ([email protected])
https://support.apple.com/kb/HT213605 Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2023/Jan/19 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Jan/20 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://hackerone.com/reports/1721098 Exploit, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202212-01 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20230110-0006/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT213604 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT213605 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)