URL Percent-Encoding Decode Function Vulnerability in libcurl
CVE-2016-8622

3.7LOW

Key Information:

Vendor: The Curl Project
Status: Curl
Vendor: CVE Published:; 31 July 2018

What is CVE-2016-8622?

The URL percent-encoding decode function in libcurl is susceptible to a vulnerability due to improper handling of buffer sizes. Specifically, the curl_easy_unescape function can allocate a destination buffer larger than 2GB. However, it returns the new length as a signed 32-bit integer, potentially leading to truncation or negative values. This mismanagement can cause libcurl to write beyond its intended heap buffer, resulting in significant security risks and exploitation opportunities.

Affected Version(s)

curl 7.51.0

References

https://access.redhat.com/errata/RHSA-2018:3558

vendor-advisoryx_refsource_REDHAT

https://curl.haxx.se/docs/adv_20161102H.html

x_refsource_CONFIRM

https://www.tenable.com/security/tns-2016-21

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2018
Vulnerability Reserved
Oct 12, 2016

The Curl Project

What is CVE-2016-8622?

Affected Version(s)

References

CVSS V3.1

Timeline