CVE-2020-19909

Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/	Issue Tracking
https://github.com/curl/curl/pull/4166	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:haxx:curl:7.65.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-08-22 19:16

Updated : 2024-07-08 18:15

NVD link : CVE-2020-19909

Mitre link : CVE-2020-19909

CVE.ORG link : CVE-2020-19909

JSON object : View

Products Affected

haxx

curl

CWE

CWE-190

Integer Overflow or Wraparound

{"id": "CVE-2020-19909", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2023-08-22T19:16:06.480", "references": [{"url": "https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/", "tags": ["Issue Tracking"], "source": "cve@mitre.org"}, {"url": "https://github.com/curl/curl/pull/4166", "tags": ["Patch"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error."}, {"lang": "es", "value": "Vulnerabilidad de desbordamiento de enteros en \"tool_operate.c\" en curl v7.65.2 a trav\u00e9s de un valor grande como retardo de reintento. NOTA: muchas partes informan de que esto no tiene un impacto directo en la seguridad del usuario de curl: sin embargo, puede (en teor\u00eda) causar una denegaci\u00f3n de servicio a sistemas o redes asociados si, por ejemplo, --retry-delay se malinterpreta como un valor mucho menor del que se pretend\u00eda. Esto no es especialmente plausible porque el desbordamiento s\u00f3lo ocurre si el usuario estaba intentando especificar que curl deber\u00eda esperar semanas (o m\u00e1s) antes de intentar recuperarse de un error transitorio. "}], "lastModified": "2024-07-08T18:15:03.613", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:haxx:curl:7.65.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A210FF02-6C68-4D6D-95DF-A221023A6ED5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}