{"id":"CLSA-2022-1663184487","summary":"Fix CVE(s): CVE-2022-35252","details":"\n   * SECURITY UPDATE: When curl sends back to an HTTP(S) server cookies with\n     control bytes, it might make the server return a 400 response\n     - debian/patches/CVE-2022-35252.patch: reject cookies with control\n       bytes 0x01-0x1f (except 0x09) plus 0x7f\n     - CVE-2022-35252","modified":"2026-06-04T09:46:01.375743534Z","published":"2022-09-14T19:41:27Z","upstream":["CVE-2022-35252"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/ubuntu16_04/CLSA-2022-1663184487"}],"affected":[{"package":{"name":"curl","ecosystem":"TuxCare:Ubuntu:16.04","purl":"pkg:deb/tuxcare/curl?distro=ubuntu-16.04"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.23+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1663184487.json"}},{"package":{"name":"libcurl3","ecosystem":"TuxCare:Ubuntu:16.04","purl":"pkg:deb/tuxcare/libcurl3?distro=ubuntu-16.04"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.23+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1663184487.json"}},{"package":{"name":"libcurl3-gnutls","ecosystem":"TuxCare:Ubuntu:16.04","purl":"pkg:deb/tuxcare/libcurl3-gnutls?distro=ubuntu-16.04"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.23+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1663184487.json"}},{"package":{"name":"libcurl3-nss","ecosystem":"TuxCare:Ubuntu:16.04","purl":"pkg:deb/tuxcare/libcurl3-nss?distro=ubuntu-16.04"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.23+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1663184487.json"}},{"package":{"name":"libcurl4-doc","ecosystem":"TuxCare:Ubuntu:16.04","purl":"pkg:deb/tuxcare/libcurl4-doc?distro=ubuntu-16.04"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.23+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1663184487.json"}},{"package":{"name":"libcurl4-gnutls-dev","ecosystem":"TuxCare:Ubuntu:16.04","purl":"pkg:deb/tuxcare/libcurl4-gnutls-dev?distro=ubuntu-16.04"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.23+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1663184487.json"}},{"package":{"name":"libcurl4-nss-dev","ecosystem":"TuxCare:Ubuntu:16.04","purl":"pkg:deb/tuxcare/libcurl4-nss-dev?distro=ubuntu-16.04"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.23+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1663184487.json"}},{"package":{"name":"libcurl4-openssl-dev","ecosystem":"TuxCare:Ubuntu:16.04","purl":"pkg:deb/tuxcare/libcurl4-openssl-dev?distro=ubuntu-16.04"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.23+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1663184487.json"}}],"schema_version":"1.7.5"}