CVE-2022-43552
CVSS V2 None
CVSS V3 None
Description
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.
Overview
- CVE ID
- CVE-2022-43552
- Assigner
- support@hackerone.com
- Vulnerability Status
- Modified
- Published Version
- 2023-02-09T20:15:10
- Last Modified Date
- 2023-03-28T05:15:08
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* | 1 | OR | 7.87.0 |
References
| Reference URL | Reference Tags |
|---|---|
| http://seclists.org/fulldisclosure/2023/Mar/17 | |
| https://hackerone.com/reports/1764858 | Exploit Issue Tracking Third Party Advisory |
| https://security.netapp.com/advisory/ntap-20230214-0002/ | Vendor Advisory |
| https://support.apple.com/kb/HT213670 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-43552 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 07:28:07 | Added to TrackCVE | |||
| 2023-04-17 07:28:09 | Weakness Enumeration | new |