CVE-2022-30115
MEDIUMcurl 7.82.0-7.83.0 - Cleartext Transmission of Sensitive Information via HSTS Bypass
Title source: llmDescription
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.
References (5)
Core 5
Core References
Mailing List, Patch, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2022/10/26/4
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202212-01
Mailing List, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2022/12/21/1
Exploit, Third Party Advisory
https://hackerone.com/reports/1557449
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220609-0009/
Scores
CVSS v3
4.3
EPSS
0.0008
EPSS Percentile
24.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-319
CWE-325
Status
published
Products (11)
haxx/curl
7.82.0 - 7.83.1
netapp/clustered_data_ontap
netapp/h300s_firmware
netapp/h410s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
netapp/hci_bootstrap_os
netapp/solidfire\,_enterprise_sds_\&_hci_storage_node
netapp/solidfire_\&_hci_management_node
splunk/universal_forwarder
9.1.0
... and 1 more
Published
Jun 02, 2022
Tracked Since
Feb 18, 2026