{"api_version":"1","generated_at":"2026-04-12T22:14:15+00:00","cve":"CVE-2022-43552","urls":{"html":"https://cve.report/CVE-2022-43552","api":"https://cve.report/api/cve/CVE-2022-43552.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-43552","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-43552"},"summary":{"title":"CVE-2022-43552","description":"A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.","state":"PUBLIC","assigner":"support@hackerone.com","published_at":"2023-02-09 20:15:00","updated_at":"2024-03-27 14:55:00"},"problem_types":["CWE-416"],"metrics":[],"references":[{"url":"https://hackerone.com/reports/1764858","name":"https://hackerone.com/reports/1764858","refsource":"MISC","tags":[],"title":"HackerOne","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202310-12","name":"GLSA-202310-12","refsource":"GENTOO","tags":[],"title":"curl: Multiple Vulnerabilities (GLSA 202310-12) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230214-0002/","name":"https://security.netapp.com/advisory/ntap-20230214-0002/","refsource":"CONFIRM","tags":[],"title":"December 2022 cURL/libcURL Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213670","name":"https://support.apple.com/kb/HT213670","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Ventura 13.3 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Mar/17","name":"20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-03-27-3 macOS Ventura 13.3","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-43552","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-43552","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"43552","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43552","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"haxx","cpe5":"curl","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43552","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"splunk","cpe5":"universal_forwarder","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43552","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"splunk","cpe5":"universal_forwarder","cpe6":"9.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-43552","qid":"160632","title":"Oracle Enterprise Linux Security Update for curl (ELSA-2023-2478)"},{"cve":"CVE-2022-43552","qid":"160695","title":"Oracle Enterprise Linux Security Update for curl (ELSA-2023-2963)"},{"cve":"CVE-2022-43552","qid":"161225","title":"Oracle Enterprise Linux Security Update for curl (ELSA-2023-7743)"},{"cve":"CVE-2022-43552","qid":"181508","title":"Debian Security Update for curl (DSA 5330-1)"},{"cve":"CVE-2022-43552","qid":"181512","title":"Debian Security Update for curl (DLA 3288-1)"},{"cve":"CVE-2022-43552","qid":"184559","title":"Debian Security Update for curl (CVE-2022-43552)"},{"cve":"CVE-2022-43552","qid":"199085","title":"Ubuntu Security Notification for curl Vulnerabilities (USN-5788-1)"},{"cve":"CVE-2022-43552","qid":"199491","title":"Ubuntu Security Notification for curl Vulnerabilities (USN-5894-1)"},{"cve":"CVE-2022-43552","qid":"241414","title":"Red Hat Update for curl (RHSA-2023:2478)"},{"cve":"CVE-2022-43552","qid":"241503","title":"Red Hat Update for curl (RHSA-2023:2963)"},{"cve":"CVE-2022-43552","qid":"241574","title":"Red Hat Update for JBoss Core Services (RHSA-2023:3354)"},{"cve":"CVE-2022-43552","qid":"242589","title":"Red Hat Update for curl (RHSA-2023:7743)"},{"cve":"CVE-2022-43552","qid":"242849","title":"Red Hat Update for curl (RHSA-2024:0428)"},{"cve":"CVE-2022-43552","qid":"257269","title":"Centos Security Update for curl"},{"cve":"CVE-2022-43552","qid":"257281","title":"CentOS Security Update for curl Security Update (CESA-2023:7743)"},{"cve":"CVE-2022-43552","qid":"283558","title":"Fedora Security Update for curl (FEDORA-2022-d7ee33d4ad)"},{"cve":"CVE-2022-43552","qid":"283562","title":"Fedora Security Update for curl (FEDORA-2022-9836111c44)"},{"cve":"CVE-2022-43552","qid":"330140","title":"IBM AIX Multiple Vulnerabilities due to curl (curl_advisory2)"},{"cve":"CVE-2022-43552","qid":"354700","title":"Amazon Linux Security Advisory for curl : ALAS2022-2023-276"},{"cve":"CVE-2022-43552","qid":"354731","title":"Amazon Linux Security Advisory for curl : ALAS2-2023-1924"},{"cve":"CVE-2022-43552","qid":"354899","title":"Amazon Linux Security Advisory for curl : ALAS-2023-1729"},{"cve":"CVE-2022-43552","qid":"355207","title":"Amazon Linux Security Advisory for curl : ALAS2023-2023-083"},{"cve":"CVE-2022-43552","qid":"378092","title":"NetApp Clustered Data Open Network Technology for Appliance Products (ONTAP) Disclosure of Sensitive Information Vulnerability (NTAP-20230214-0002)"},{"cve":"CVE-2022-43552","qid":"378189","title":"Apple macOS Ventura 13.3 Not Installed (HT213670)"},{"cve":"CVE-2022-43552","qid":"378599","title":"Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)"},{"cve":"CVE-2022-43552","qid":"378883","title":"Splunk Enterprise August Third Party Package Updates (SVD-2023-0808)"},{"cve":"CVE-2022-43552","qid":"379349","title":"Alibaba Cloud Linux Security Update for curl (ALINUX2-SA-2024:0007)"},{"cve":"CVE-2022-43552","qid":"502614","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2022-43552","qid":"502615","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2022-43552","qid":"502616","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2022-43552","qid":"502718","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2022-43552","qid":"672614","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1309)"},{"cve":"CVE-2022-43552","qid":"672716","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1438)"},{"cve":"CVE-2022-43552","qid":"672777","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1463)"},{"cve":"CVE-2022-43552","qid":"672792","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1522)"},{"cve":"CVE-2022-43552","qid":"672820","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1547)"},{"cve":"CVE-2022-43552","qid":"672836","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1571)"},{"cve":"CVE-2022-43552","qid":"672845","title":"EulerOS Security Update for curl (EulerOS-SA-2023-1581)"},{"cve":"CVE-2022-43552","qid":"673109","title":"EulerOS Security Update for curl (EulerOS-SA-2023-2139)"},{"cve":"CVE-2022-43552","qid":"710772","title":"Gentoo Linux curl Multiple Vulnerabilities (GLSA 202310-12)"},{"cve":"CVE-2022-43552","qid":"753054","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2022:4598-1)"},{"cve":"CVE-2022-43552","qid":"753056","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2022:4597-1)"},{"cve":"CVE-2022-43552","qid":"754020","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2023:2226-1)"},{"cve":"CVE-2022-43552","qid":"754021","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2023:2228-1)"},{"cve":"CVE-2022-43552","qid":"905414","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (13267)"},{"cve":"CVE-2022-43552","qid":"905415","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (13257)"},{"cve":"CVE-2022-43552","qid":"905417","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (13256)"},{"cve":"CVE-2022-43552","qid":"905419","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for rust (13269)"},{"cve":"CVE-2022-43552","qid":"905427","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (13280)"},{"cve":"CVE-2022-43552","qid":"905428","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (13284)"},{"cve":"CVE-2022-43552","qid":"905429","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for rust (13289)"},{"cve":"CVE-2022-43552","qid":"905430","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (13287)"},{"cve":"CVE-2022-43552","qid":"905434","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (13284-1)"},{"cve":"CVE-2022-43552","qid":"905663","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (13257-1)"},{"cve":"CVE-2022-43552","qid":"906575","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (13257-3)"},{"cve":"CVE-2022-43552","qid":"906847","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (13287-1)"},{"cve":"CVE-2022-43552","qid":"907374","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for rust (13289-1)"},{"cve":"CVE-2022-43552","qid":"941021","title":"AlmaLinux Security Update for curl (ALSA-2023:2478)"},{"cve":"CVE-2022-43552","qid":"941095","title":"AlmaLinux Security Update for curl (ALSA-2023:2963)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2022-43552","ASSIGNER":"support@hackerone.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"https://github.com/curl/curl","version":{"version_data":[{"version_value":"Fixed in curl 7.87.0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Use After Free (CWE-416)"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://hackerone.com/reports/1764858","url":"https://hackerone.com/reports/1764858"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230214-0002/","url":"https://security.netapp.com/advisory/ntap-20230214-0002/"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213670","url":"https://support.apple.com/kb/HT213670"},{"refsource":"FULLDISC","name":"20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3","url":"http://seclists.org/fulldisclosure/2023/Mar/17"},{"refsource":"GENTOO","name":"GLSA-202310-12","url":"https://security.gentoo.org/glsa/202310-12"}]},"description":{"description_data":[{"lang":"eng","value":"A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path."}]}},"nvd":{"publishedDate":"2023-02-09 20:15:00","lastModifiedDate":"2024-03-27 14:55:00","problem_types":["CWE-416"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.2,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionEndExcluding":"7.87.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.3","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.12","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}