CVE-2024-2004

LOW

curl 7.85.0-8.6.0 - Protocol Filter Bypass via Empty Protocol Set

Title source: llm
STIX 2.1

Description

When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.

References (13)

Core 13
Core References
Mailing List, Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jul/18
Mailing List, Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jul/19
Mailing List, Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jul/20
Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/03/27/1
Exploit, Issue Tracking, Third Party Advisory
https://hackerone.com/reports/2384833
Release Notes, Vendor Advisory
https://support.apple.com/kb/HT214118
Release Notes, Vendor Advisory
https://support.apple.com/kb/HT214119
Release Notes, Vendor Advisory
https://support.apple.com/kb/HT214120

Scores

CVSS v3 3.5
EPSS 0.0168
EPSS Percentile 73.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-436
Status published
Products (11)
apple/macos < 12.7.6
fedoraproject/fedora 39
fedoraproject/fedora 40
haxx/curl 7.85.0 - 8.7.0
netapp/bootstrap_os
netapp/h300s_firmware
netapp/h410s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
netapp/ontap 9
... and 1 more
Published Mar 27, 2024
Tracked Since Feb 18, 2026