CVE-2022-27779
Description
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2022-27779.html
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2022-27779
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| arch | fixed | 7.83.1-1 | |
| debian | bookworm | fixed | 7.83.1-1 |
| debian | bullseye | fixed | 0 |
| debian | forky | fixed | 7.83.1-1 |
| debian | sid | fixed | 7.83.1-1 |
| debian | trixie | fixed | 7.83.1-1 |
| sles | affected | |
References
Verify integrity in audit chain (admin only). AS-IS.