1. CVE-Search
  2. CVE-2022-35260
ID CVE-2022-35260
Summary curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.
References
Vulnerable Configurations
  • cpe:2.3:a:haxx:curl:7.84.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.84.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:curl:7.85.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:curl:7.85.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
  • cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
    cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
    cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
    cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
    cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:1.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:7.5.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:7.5.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:7.6.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:7.6.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:8.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:8.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:8.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:8.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:8.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:9:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:9:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2020-001:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2020-001:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2021-001:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2021-001:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2021-002:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2021-002:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2021-003:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2021-003:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2021-004:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2021-004:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2021-005:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2021-005:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2021-006:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2021-006:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2021-007:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2021-007:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2021-008:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2021-008:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2022-001:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2022-001:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2022-002:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2022-002:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:security_update_2022-003:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:security_update_2022-003:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:10.15.7:supplemental_update:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:10.15.7:supplemental_update:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.1.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.3.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.3.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.6.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.6.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.6.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.6.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.6.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.6.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.6.7:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.6.7:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.6.8:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.6.8:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.7:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.7:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.7.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.7.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.7.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.7.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.7.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.7.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.7.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.7.7:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:11.7.9:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:11.7.9:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.6.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.6.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:12.6.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:12.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:9.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:9.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:9.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:9.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:9.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:9.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:9.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:9.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:9.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:9.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:8.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:8.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:8.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:8.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:8.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:8.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:8.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:8.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:8.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:8.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:universal_forwarder:8.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:universal_forwarder:8.2.11:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 27-03-2024 - 15:00
Published 05-12-2022 - 22:15
Last modified 27-03-2024 - 15:00
Back to Top