Description
[REJECTED CVE] A vulnerability has been identified in libcurl, where a FILE:// URL crafted with two slashes (or backslashes) followed by a hostname can cause Windows systems to treat the path as an SMB request instead of accessing a local file. This unintended behavior may allow an attacker to redirect file access requests to a malicious SMB server. Applications that allow user-provided URLs or URL parts are particularly vulnerable, potentially exposing sensitive data or enabling unauthorized network interactions.
Report
This bug only exists when libcurl runs on a Microsoft Windows operating system.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| .NET Core 2.1 on Red Hat Enterprise Linux | rh-dotnet21-curl | Not affected | ||
| .NET Core 2.2 on Red Hat Enterprise Linux | rh-dotnet22-curl | Not affected | ||
| Red Hat Enterprise Linux 5 | curl | Not affected | ||
| Red Hat Enterprise Linux 6 | curl | Not affected | ||
| Red Hat Enterprise Linux 7 | curl | Not affected | ||
| Red Hat Enterprise Linux 8 | curl | Not affected | ||
| Red Hat JBoss Core Services | jbcs-httpd24-curl | Not affected | ||
| Red Hat JBoss Web Server 5 | curl | Not affected | ||
| Red Hat Software Collections | httpd24-curl | Not affected | ||
Additional information
Status:
3.3 Low
CVSS3
Related vulnerabilities
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
CURL before 7.68.0 lacks proper input validation, which allows users to create a `FILE:` URL that can make the client access a remote file using SMB (Windows-only issue).
3.3 Low
CVSS3