Описание
This flaw allows a malicious HTTP server to set "super cookies" in curl that
are then passed back to more origins than what is otherwise allowed or
possible. This allows a site to set cookies that then would get sent to
different and unrelated sites and domains.
It could do this by exploiting a mixed case flaw in curl's function that
verifies a given cookie domain against the Public Suffix List (PSL). For
example a cookie could be set with domain=co.UK when the URL used a lower
case hostname curl.co.uk, even though co.uk is listed as a PSL domain.
A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible.
Отчет
When curl is built without PSL support, it cannot protect against this problem but it is expected to not allow "too wide" cookies when PSL support is enabled.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | curl | Not affected | ||
| Red Hat Enterprise Linux 7 | curl | Not affected | ||
| Red Hat Satellite 6 | puppet-agent | Affected | ||
| JBoss Core Services for RHEL 8 | jbcs-httpd24-curl | Fixed | RHSA-2024:1316 | 18.03.2024 |
| JBoss Core Services on RHEL 7 | jbcs-httpd24-curl | Fixed | RHSA-2024:1316 | 18.03.2024 |
| Red Hat Enterprise Linux 8 | curl | Fixed | RHSA-2024:1601 | 02.04.2024 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | curl | Fixed | RHSA-2024:0428 | 25.01.2024 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | curl | Fixed | RHSA-2024:0585 | 30.01.2024 |
| Red Hat Enterprise Linux 9 | curl | Fixed | RHSA-2024:1129 | 05.03.2024 |
| Red Hat Enterprise Linux 9 | curl | Fixed | RHSA-2024:1129 | 05.03.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.
This flaw allows a malicious HTTP server to set "super cookies" in cur ...
EPSS
5.3 Medium
CVSS3