CVE-2022-32207

CRITICAL

curl <7.84.0 - Info Disclosure

Description

When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing it with a rename from a temporary name to the final target file name. In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.

Scores

CVSS v3 9.8
EPSS 0.0020
EPSS Percentile 42.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-840 CWE-276
Status published

Affected Products (15)

haxx/curl < 7.84.0
fedoraproject/fedora
debian/debian_linux
netapp/clustered_data_ontap
netapp/element_software
netapp/hci_management_node
netapp/solidfire
netapp/bootstrap_os
netapp/h300s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
netapp/h410s_firmware
apple/macos < 13.0
splunk/universal_forwarder < 8.2.12
splunk/universal_forwarder

Timeline

Published Jul 07, 2022
Tracked Since Feb 18, 2026