CVE-2022-32206

EPSS 3.97% · P88 Updated May 06, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-32206

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

不加限制或调节的资源分配

Source: NVD (National Vulnerability Database)

Vulnerability Title

curl 资源管理错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

curl是一款用于从服务器传输数据或向服务器传输数据的工具。 curl 7.57.0版本到7.83.1版本存在资源管理错误漏洞，该漏洞源于curl支持的链式HTTP压缩算法缺少对于链接的数量限制。攻击者利用该漏洞可以会导致内存分配过大从而导致堆错误。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	https://github.com/curl/curl	Fixed in 7.84.0	-

II. Public POCs for CVE-2022-32206

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/HimanshuS67/external_curl_AOSP10_CVE-2022-32206	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-32206

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-07-07 · 32 CVEs total

CVE-2022-31854		Codoforum 代码问题漏洞
CVE-2022-1245		Red Hat Keycloak 安全漏洞
CVE-2022-32061		Snipe-IT 跨站脚本漏洞
CVE-2021-29281		GFI Mail Archiver 代码问题漏洞
CVE-2021-35283		atoms183 CMS SQL注入漏洞
CVE-2022-33098		Magnolia CMS 跨站脚本漏洞
CVE-2021-31645		glFTPd 安全漏洞
CVE-2015-5298		Jenkins Plugin Google Login 授权问题漏洞
CVE-2022-32058		TP-LINK TL-WR741N和TP-LINK TL-WR742N 安全漏洞
CVE-2022-32056		Online Accreditation Management SQL注入漏洞
CVE-2022-32055		Nesote Technologies Inout Homestay SQL注入漏洞
CVE-2022-32054		Tenda AC10 操作系统命令注入漏洞
CVE-2015-5236		icedtea-web 数据伪造问题漏洞
CVE-2022-23744		Check Point Endpoint Security Client 安全漏洞
CVE-2021-46825		Symantec Advanced Secure Gateway 环境问题漏洞
CVE-2022-32441		Hex Rays Ida Pro 缓冲区错误漏洞
CVE-2022-32060		Snipe-IT 跨站脚本漏洞
CVE-2015-1784		WordPress plugin nextgen-galery 代码问题漏洞
CVE-2015-1785		WordPress plugin nextgen-galery 跨站请求伪造漏洞
CVE-2015-3207		Red Hat OpenShift 安全漏洞

Showing top 20 of 32 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: https://github.com/curl/curl

Same vendor: n/a

Same weakness: CWE-770

V. Comments for CVE-2022-32206

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-32206

I. Basic Information for CVE-2022-32206

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-32206

III. Intelligence Information for CVE-2022-32206

Same Patch Batch · n/a · 2022-07-07 · 32 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-32206

Leave a comment