CVE-2022-32221

Severity: critical
CVSS v3 Base Score: 9.8
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score: 1.8% (exploitation probability in 30 days; top 17% most likely to be exploited)

Attack Characteristics

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Confidentiality: High
Integrity: High
Availability: High

Published: December 5, 2022 (1255 days ago)
Last Modified: February 13, 2026
Vendor: Splunk

Description

When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.

CWE

CWE-200

Affected Products

haxx curl
netapp clustered data ontap
netapp h300s firmware
netapp h500s firmware
netapp h700s firmware
netapp h410s firmware
debian debian linux
apple macos
splunk universal forwarder
