Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
curl 安全漏洞
Vulnerability Description
curl是一款用于从服务器传输数据或向服务器传输数据的工具。 curl 4.9 到 7.84版本存在安全漏洞,该漏洞源于当 curl 从 HTTP(S) 服务器检索和解析 cookie 时,它使用控制代码(小于 32 的字节值)接受 cookie,当包含此类控制代码的 cookie 稍后被发送回 HTTP(S) 服务器时,它可能会使服务器返回 400 响应。
CVSS Information
N/A
Vulnerability Type
N/A