{"api_version":"1","generated_at":"2026-04-23T01:14:50+00:00","cve":"CVE-2022-43551","urls":{"html":"https://cve.report/CVE-2022-43551","api":"https://cve.report/api/cve/CVE-2022-43551.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-43551","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-43551"},"summary":{"title":"CVE-2022-43551","description":"A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.","state":"PUBLIC","assigner":"support@hackerone.com","published_at":"2022-12-23 15:15:00","updated_at":"2024-03-27 14:58:00"},"problem_types":["CWE-319"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/","name":"FEDORA-2022-d7ee33d4ad","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: curl-7.85.0-5.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202310-12","name":"https://security.gentoo.org/glsa/202310-12","refsource":"MISC","tags":[],"title":"curl: Multiple Vulnerabilities (GLSA 202310-12) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230427-0007/","name":"https://security.netapp.com/advisory/ntap-20230427-0007/","refsource":"MISC","tags":[],"title":"April 2023 MySQL Server Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://hackerone.com/reports/1755083","name":"https://hackerone.com/reports/1755083","refsource":"MISC","tags":[],"title":"HackerOne","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 37 Update: curl-7.85.0-5.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-43551","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-43551","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"haxx","cpe5":"curl","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware_vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"oncommand_insight","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"oncommand_workflow_automation","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"snapcenter","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"splunk","cpe5":"universal_forwarder","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43551","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"splunk","cpe5":"universal_forwarder","cpe6":"9.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-43551","qid":"183851","title":"Debian Security Update for curl (CVE-2022-43551)"},{"cve":"CVE-2022-43551","qid":"199085","title":"Ubuntu Security Notification for curl Vulnerabilities (USN-5788-1)"},{"cve":"CVE-2022-43551","qid":"20344","title":"Oracle MySQL April 2023 Critical Patch Update (CPUAPR2023)"},{"cve":"CVE-2022-43551","qid":"241574","title":"Red Hat Update for JBoss Core Services (RHSA-2023:3354)"},{"cve":"CVE-2022-43551","qid":"283558","title":"Fedora Security Update for curl (FEDORA-2022-d7ee33d4ad)"},{"cve":"CVE-2022-43551","qid":"283562","title":"Fedora Security Update for curl (FEDORA-2022-9836111c44)"},{"cve":"CVE-2022-43551","qid":"296101","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 59.138.2 Missing (CPUJUL2023)"},{"cve":"CVE-2022-43551","qid":"330140","title":"IBM AIX Multiple Vulnerabilities due to curl (curl_advisory2)"},{"cve":"CVE-2022-43551","qid":"354700","title":"Amazon Linux Security Advisory for curl : ALAS2022-2023-276"},{"cve":"CVE-2022-43551","qid":"354731","title":"Amazon Linux Security Advisory for curl : ALAS2-2023-1924"},{"cve":"CVE-2022-43551","qid":"355207","title":"Amazon Linux Security Advisory for curl : ALAS2023-2023-083"},{"cve":"CVE-2022-43551","qid":"378092","title":"NetApp Clustered Data Open Network Technology for Appliance Products (ONTAP) Disclosure of Sensitive Information Vulnerability (NTAP-20230214-0002)"},{"cve":"CVE-2022-43551","qid":"378189","title":"Apple macOS Ventura 13.3 Not Installed (HT213670)"},{"cve":"CVE-2022-43551","qid":"378433","title":"Oracle Hypertext Transfer Protocol Server (HTTP Server) Server Multiple Vulnerabilities (CPUAPR2023)"},{"cve":"CVE-2022-43551","qid":"378599","title":"Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)"},{"cve":"CVE-2022-43551","qid":"378883","title":"Splunk Enterprise August Third Party Package Updates (SVD-2023-0808)"},{"cve":"CVE-2022-43551","qid":"502614","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2022-43551","qid":"502615","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2022-43551","qid":"502616","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2022-43551","qid":"502718","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2022-43551","qid":"672836","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1571)"},{"cve":"CVE-2022-43551","qid":"672845","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1581)"},{"cve":"CVE-2022-43551","qid":"710772","title":"Gentoo Linux curl Multiple Vulnerabilities (GLSA 202310-12)"},{"cve":"CVE-2022-43551","qid":"753056","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2022:4597-1)"},{"cve":"CVE-2022-43551","qid":"904785","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (12114)"},{"cve":"CVE-2022-43551","qid":"904790","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (12107-1)"},{"cve":"CVE-2022-43551","qid":"904939","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (12315)"},{"cve":"CVE-2022-43551","qid":"905070","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (12471)"},{"cve":"CVE-2022-43551","qid":"905215","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (12905)"},{"cve":"CVE-2022-43551","qid":"905232","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (12930)"},{"cve":"CVE-2022-43551","qid":"905339","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (12114-1)"},{"cve":"CVE-2022-43551","qid":"905488","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (12905-1)"},{"cve":"CVE-2022-43551","qid":"905528","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (12930-1)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-43551","ASSIGNER":"support@hackerone.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Cleartext Transmission of Sensitive Information (CWE-319)","cweId":"CWE-319"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"https://github.com/curl/curl","version":{"version_data":[{"version_affected":"=","version_value":"Fixed in curl 7.87.0"}]}}]}}]}},"references":{"reference_data":[{"url":"https://hackerone.com/reports/1755083","refsource":"MISC","name":"https://hackerone.com/reports/1755083"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/"},{"url":"https://security.netapp.com/advisory/ntap-20230427-0007/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20230427-0007/"},{"url":"https://security.gentoo.org/glsa/202310-12","refsource":"MISC","name":"https://security.gentoo.org/glsa/202310-12"}]}},"nvd":{"publishedDate":"2022-12-23 15:15:00","lastModifiedDate":"2024-03-27 14:58:00","problem_types":["CWE-319"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"7.77.0","versionEndExcluding":"7.87.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.12","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}