Platform: c
Component: curl
Fixed in: 7.51.1
CVE-2016-8622 describes a heap overflow vulnerability discovered in libcurl versions 7.51.0 through 7.51.0. This flaw arises from an issue in the URL percent-encoding decode function, curl_easy_unescape, which can lead to out-of-bounds writes when handling specially crafted URLs. The vulnerability has been assigned a CVSS score of 3.7 (LOW). A patch is available in libcurl version 7.51.0.
An attacker could exploit this vulnerability by sending a specially crafted URL to an application using the vulnerable version of libcurl. The crafted URL would trigger the out-of-bounds write in the curl_easy_unescape function, potentially overwriting critical data in the heap. This could lead to a denial-of-service (DoS) condition, causing the application to crash. In a worst-case scenario, an attacker might be able to leverage this overflow to execute arbitrary code, although this would require further exploitation and is considered less likely given the LOW CVSS score. The blast radius is limited to the application using libcurl; however, widespread use of libcurl means many applications could be affected.
CVE-2016-8622 was publicly disclosed on July 31, 2018. There is no indication of active exploitation campaigns targeting this vulnerability. No public proof-of-concept (PoC) code has been released. The vulnerability is not currently listed on the CISA KEV catalog. The LOW CVSS score suggests a relatively low probability of exploitation.
Applications that rely on libcurl for network communication are at risk. This includes web servers, email clients, and any software that uses libcurl to transfer data over HTTP, HTTPS, FTP, or other protocols. Systems using older, unpatched versions of libcurl are particularly vulnerable.
• linux / server:
    ps aux | grep curl
• c / generic web:
    curl -I https://example.com --dump-header - | grep libcurl
• generic web: Inspect application logs for errors related to libcurl or memory allocation failures.
The primary mitigation for CVE-2016-8622 is to upgrade to libcurl version 7.51.0 or later, which contains the fix. If upgrading is not immediately feasible, consider implementing input validation to sanitize URLs before they are processed by libcurl. Specifically, limit the length of URLs and carefully examine percent-encoded characters. Web application firewalls (WAFs) can be configured to detect and block requests containing suspicious URL patterns. While no specific Sigma or YARA rules exist for this vulnerability, monitoring for unexpected application crashes or memory corruption errors related to libcurl can provide early detection.
Upgrade to libcurl version 7.51.0 or later to mitigate the vulnerability. This update fixes a buffer overflow bug in the URL percent-encoding decode function, preventing possible arbitrary code execution.
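The input validation suggested above (cap the URL length, check every percent-escape) can be sketched as a pre-filter run before a URL reaches libcurl. This is an added example, not code from the original page or from the curl project; the helper name check_url, the 8192-byte cap and the rejection of %00 are assumptions chosen for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed policy cap (not from the advisory); far below INT_MAX so the length
   always fits the int length parameters of curl_easy_unescape(). */
#define MAX_URL_LEN 8192

enum url_check { URL_OK, URL_NULL, URL_TOO_LONG, URL_BAD_ESCAPE, URL_NUL_ESCAPE };

/* Hypothetical helper: vet an untrusted URL before libcurl sees it.
   On URL_OK, *decoded_len (if non-NULL) receives the decoded byte count. */
enum url_check check_url(const char *url, size_t *decoded_len)
{
    if (url == NULL)
        return URL_NULL;
    /* Bounded scan: look at no more than MAX_URL_LEN + 1 bytes. */
    const char *end = memchr(url, '\0', MAX_URL_LEN + 1);
    if (end == NULL)
        return URL_TOO_LONG;
    size_t len = (size_t)(end - url), out = 0;
    for (size_t i = 0; i < len; i++, out++) {
        if (url[i] != '%')
            continue;
        /* '%' must be followed by two hex digits that lie inside the string. */
        if (len - i < 3 || !isxdigit((unsigned char)url[i + 1]) ||
            !isxdigit((unsigned char)url[i + 2]))
            return URL_BAD_ESCAPE;
        /* %00 decodes to a NUL byte that silently truncates C strings. */
        if (url[i + 1] == '0' && url[i + 2] == '0')
            return URL_NUL_ESCAPE;
        i += 2; /* the three-byte escape yields one decoded byte */
    }
    if (decoded_len != NULL)
        *decoded_len = out;
    return URL_OK;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "http://example.com/a%20b", "http://example.com/%2",
                              "http://example.com/%zz", "http://example.com/%00x" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s -> %d\n", samples[i], (int)check_url(samples[i], NULL));
    return 0;
}
```

A filter like this narrows what reaches the decoder but does not replace the upgrade: the out-of-bounds write is in libcurl itself.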
CVE-2016-8622 is a heap overflow vulnerability in libcurl versions 7.51.0–7.51.0, caused by improper URL percent-encoding decoding. It can lead to out-of-bounds writes and potential DoS.
You are affected if your application uses libcurl version 7.51.0 or earlier. Check your libcurl version and upgrade if necessary.
Upgrade to libcurl version 7.51.0 or later. This version includes a patch that resolves the heap overflow vulnerability.
There is no current evidence of active exploitation campaigns targeting CVE-2016-8622.
Refer to the libcurl security advisory: https://curl.se/security/advisories/