
CVE-2022-32206: curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a server response can...

CVSS Score (v3.1): 6.5

Basic Information

EPSS Score: 0.84797%
Published: 7/8/2022
Updated: 4/7/2024
KEV Status: No
Technology: -

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Read: network-reachable, low attack complexity, no privileges needed, but user interaction required (the victim has to make curl fetch a URL served by the attacker); the impact is limited to availability (denial of service through memory exhaustion), with no confidentiality or integrity loss.

Vulnerability Intelligence
Root Cause Analysis

The vulnerability description states that curl accepted an unbounded number of chained HTTP compression algorithms. The referenced commit (3a09fbb7f264c67c438d01a30669ce325aa508e2) fixes this in Curl_build_unencoding_stack in lib/content_encoding.c, the function that parses the comma-separated Content-Encoding (and Transfer-Encoding) header value and pushes one decoder onto the "unencoding" stack for every algorithm listed. Each decoder carries its own allocated state (for example a zlib stream for gzip/deflate), so a malicious server listing a very long chain could make curl allocate enormous amounts of heap memory, or fail with out-of-memory errors while trying to. The patch adds a step counter and a fixed maximum, MAX_ENCODE_STACK (5 in the patch); once the chain exceeds it, the function stops building the stack and fails the transfer with CURLE_BAD_CONTENT_ENCODING. Curl_build_unencoding_stack is therefore the function that consumed attacker-controlled header input without a bounds check, which makes it the vulnerable function. The fix shipped in curl 7.84.0; earlier versions that accept compressed responses remain exposed to this server-side denial of service.
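The following is an added, stand-alone illustration and not curl's own code: it models the token-parsing loop of Curl_build_unencoding_stack before and after the fix. In real curl each token is looked up in a decoder table and a writer with its own allocated state is pushed onto the stack; here a stage is just a counted token, so the example shows only where the bounds check sits and what it rejects. The names MAX_ENCODE_STACK and ENC_BAD_CONTENT_ENCODING mirror the patch, while the helper names, numeric return values and the constructed test headers are assumptions made for this example.

```c
/*
 * Added example (not curl source): the encoding-list parsing loop of
 * Curl_build_unencoding_stack() modelled before and after the
 * CVE-2022-32206 fix. A "stage" is only counted here; in curl every stage
 * allocates decoder state, which is what made an unbounded chain a
 * malloc bomb. Helper names and return values are assumptions for the
 * illustration, MAX_ENCODE_STACK mirrors the constant added by the patch.
 */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENCODE_STACK 5

enum enc_result { ENC_OK = 0, ENC_BAD_CONTENT_ENCODING = 1 };

/* Skip commas and whitespace, then return the length of the next token
 * (0 when the list is exhausted). *pp is advanced past that token. */
static size_t next_encoding(const char **pp)
{
    const char *p = *pp;
    while(*p && (*p == ',' || isspace((unsigned char)*p)))
        p++;
    const char *start = p;
    while(*p && *p != ',' && !isspace((unsigned char)*p))
        p++;
    *pp = p;
    return (size_t)(p - start);
}

/* Pre-7.84.0 shape: every token becomes a decompression stage, no limit. */
static enum enc_result build_stack_unbounded(const char *enclist, size_t *stages)
{
    const char *p = enclist;
    *stages = 0;
    while(next_encoding(&p) > 0)
        (*stages)++;          /* curl would allocate decoder state here */
    return ENC_OK;
}

/* Patched shape: count stages and refuse the response past the cap. */
static enum enc_result build_stack_limited(const char *enclist, size_t *stages)
{
    const char *p = enclist;
    *stages = 0;
    while(next_encoding(&p) > 0) {
        if(++(*stages) > MAX_ENCODE_STACK) {
            fprintf(stderr, "Reject response due to more than %d content encodings\n",
                    MAX_ENCODE_STACK);
            return ENC_BAD_CONTENT_ENCODING;
        }
    }
    return ENC_OK;
}

/* Constructed hostile header: n repeated "gzip" tokens written into buf. */
static const char *make_chain(char *buf, size_t cap, size_t n)
{
    size_t used = 0;
    buf[0] = '\0';
    for(size_t i = 0; i < n && used + 6 < cap; i++)
        used += (size_t)snprintf(buf + used, cap - used, i ? ", gzip" : "gzip");
    return buf;
}

int main(void)
{
    char hdr[4096];
    size_t n;
    build_stack_unbounded(make_chain(hdr, sizeof hdr, 500), &n);
    printf("unbounded: accepted %zu stages\n", n);
    enum enc_result r = build_stack_limited(hdr, &n);
    printf("limited: %s after %zu stages\n",
           r == ENC_OK ? "accepted" : "rejected", n);
    return 0;
}
```

Running it shows the unbounded variant happily accepting a 500-link chain, while the limited variant rejects the same header on the sixth token. Real curl additionally rejects tokens that are not in its decoder table, so a conforming server with a legitimate chain such as "gzip, br" is unaffected by the cap.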

WAF Protection Rules

WAF Rule

curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allo...
