libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain. — CVE-2022-27779

Zusammenfassung

Sicherheitshinweis CVE-2022-27779. libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to… Hersteller: Microsoft. Quelle: MSRC. Risiko: medium. CVSS 5.3.…

Was tun?

Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):

• Prüfe Exponierung und plane Maßnahmen nach Risiko und Umfeld.
• Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
• Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
• Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.

Offizielles Advisory

Zur offiziellen Quelle

Mehr dazu

• .NET and Visual Studio Information Disclosure Vulnerability CVE-2022-30184
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2020-28493
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2021-22570
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2021-3733
• An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. CVE-2022-27774
• An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. CVE-2022-33068
• Azure Service Fabric Container Elevation of Privilege Vulnerability CVE-2022-30137
• containerd CRI plugin: Host memory exhaustion through ExecSync CVE-2022-31030
• Das U-Boot 2022.01 has a Buffer Overflow. CVE-2022-30552
• Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission. CVE-2022-34176
• Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability CVE-2022-30154
• Microsoft Office Information Disclosure Vulnerability CVE-2022-30159