CVE-2022-32207
Description
Curl before 7.84.0 may widen file permissions when saving cookies, alt-svc, or HSTS data, allowing unintended local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
When curl versions prior to 7.84.0 save cookies, alt-svc or HSTS data to a local file, they make the update atomic by writing the new contents to a temporary file and then renaming it over the final target name. The temporary file, however, is created with the process's default permissions (0666 masked by the umask, typically 0644) rather than with the permissions of the file it replaces. If the user had restricted the original file, for example a cookie jar set to 0600, the rename silently replaces it with the more permissive temporary file, leaving the updated file readable by more users than intended. The curl advisory lists 7.20.0 up to and including 7.83.1 as affected; 7.84.0 is the first fixed release.
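The widening comes from the mode of the temporary file, not from the rename itself. The C program below is added here as an illustration and is not curl's code: it reproduces the pre-7.84.0 pattern (fopen() a temporary file, then rename() it over a 0600 target) beside a hardened variant that creates the temporary file owner-only and copies the existing target's mode onto it with fchmod() before the rename, the same approach the 7.84.0 fix takes. It builds a scratch directory under $TMPDIR or /tmp with a 0600 cookies.txt, overwrites it with each routine and returns the mode left behind. The directory and file names, the JAR_DATA content and the function names are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Constructed cookie-jar content; the file format does not matter here. */
static const char JAR_DATA[] = "# Netscape HTTP Cookie File\n";

/* Permission bits of path, or -1 if it cannot be stat'ed. */
static int perm_bits(const char *path)
{
    struct stat sb;
    if (stat(path, &sb) == -1)
        return -1;
    return (int)(sb.st_mode & 0777);
}

/* Vulnerable pattern (pre-7.84.0 behaviour): the temporary file is created
 * with fopen(), so it gets 0666 masked by the umask (0644 under the usual
 * 022), and rename() replaces the owner-only target with that looser file. */
static int save_vulnerable(const char *target, const char *data)
{
    char tmp[512];
    FILE *fh;

    snprintf(tmp, sizeof tmp, "%s.tmp", target);
    fh = fopen(tmp, "w");
    if (!fh)
        return -1;
    if (fputs(data, fh) == EOF || fclose(fh) != 0) {
        unlink(tmp);
        return -1;
    }
    return rename(tmp, target);
}

/* Hardened pattern: create the temporary file owner-only (0600) and, when a
 * regular target already exists, copy its mode onto the temporary file with
 * fchmod() before the rename, so the rename can never widen access. */
static int save_hardened(const char *target, const char *data)
{
    char tmp[512];
    struct stat sb;
    int fd, have_orig;
    size_t len = strlen(data);

    snprintf(tmp, sizeof tmp, "%s.tmp", target);
    have_orig = (stat(target, &sb) == 0 && S_ISREG(sb.st_mode));

    fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd == -1)
        return -1;
    if ((have_orig && fchmod(fd, sb.st_mode & 0777) == -1) ||
        write(fd, data, len) != (ssize_t)len) {
        close(fd);
        unlink(tmp);
        return -1;
    }
    if (close(fd) == -1) {
        unlink(tmp);
        return -1;
    }
    return rename(tmp, target);
}

/* Creates a fresh scratch directory holding a 0600 cookies.txt, overwrites it
 * with the given save routine and returns the resulting permission bits
 * (-1 on error). The scratch files are removed afterwards. */
static int overwrite_protected_jar(int (*save)(const char *, const char *))
{
    static int seq;
    const char *base = getenv("TMPDIR") ? getenv("TMPDIR") : "/tmp";
    char dir[256], jar[320];
    int fd, mode;

    umask(022);                      /* the usual default umask */
    snprintf(dir, sizeof dir, "%s/cve-2022-32207-%ld-%d", base,
             (long)getpid(), seq++);
    if (mkdir(dir, 0700) == -1)
        return -1;
    snprintf(jar, sizeof jar, "%s/cookies.txt", dir);

    /* The user deliberately protected the jar: owner read/write only. */
    fd = open(jar, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd == -1 || close(fd) == -1 || chmod(jar, 0600) == -1)
        return -1;

    mode = (save(jar, JAR_DATA) == 0) ? perm_bits(jar) : -1;
    unlink(jar);
    rmdir(dir);
    return mode;
}

int vulnerable_result_mode(void) { return overwrite_protected_jar(save_vulnerable); }
int hardened_result_mode(void)   { return overwrite_protected_jar(save_hardened); }

int main(void)
{
    printf("vulnerable save: cookies.txt ends up mode %04o (was 0600)\n",
           vulnerable_result_mode());
    printf("hardened save:   cookies.txt ends up mode %04o (was 0600)\n",
           hardened_result_mode());
    return 0;
}
```

Under a 022 umask the vulnerable routine leaves cookies.txt at 0644 while the hardened one keeps it at 0600. When no target exists yet, the hardened routine still creates the file owner-only, which is the conservative choice for a file that holds session cookies; a caller that wants umask-default permissions for brand-new files can fall back to a plain fopen() in that case.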
Exploitation
No special privileges are needed: the permission change happens during normal operation whenever curl rewrites one of these files, whether from the command-line tool (-c/--cookie-jar, --alt-svc, --hsts) or from an application using libcurl's CURLOPT_COOKIEJAR, CURLOPT_ALTSVC or CURLOPT_HSTS options. A second local user on the same system, who could not read the original file, can read the rewritten copy as long as the containing directory is reachable to them. The attacker needs only a local account; no interaction from the victim beyond running curl is required. The widening is a side effect of the victim's own curl run, so the attacker cannot trigger it at will and must wait for the next save.
Impact
Successful exploitation results in information disclosure: another local user can read the saved cookies (which may carry live session tokens), alt-svc mappings or HSTS entries. Stolen cookies can allow session hijacking against the sites involved; alt-svc and HSTS data reveal which hosts the victim contacts and how. The data is read with the attacker's own local privileges; the flaw grants no code execution or privilege escalation by itself.
Mitigation
Upgrade to curl 7.84.0 or later, where the temporary file inherits the target's permissions instead of widening them. Gentoo users should upgrade to >=net-misc/curl-7.86.0 per GLSA 202212-01 [3]; Debian, Fedora, SUSE and NetApp advisories for fixed builds are listed under References. If upgrading is not possible, avoid saving cookies, alt-svc or HSTS data to shared or world-readable locations, run curl with a restrictive umask (for example umask 077) so the temporary file is created owner-only to begin with, and check the file's mode after each run.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
8 packages (OSV coordinates, no CPE):
- pkg:rpm/almalinux/curl, range: < 7.76.1-14.el9_0.5
- pkg:rpm/almalinux/curl-minimal, range: < 7.76.1-14.el9_0.5
- pkg:rpm/almalinux/libcurl, range: < 7.76.1-14.el9_0.5
- pkg:rpm/almalinux/libcurl-devel, range: < 7.76.1-14.el9_0.5
- pkg:rpm/almalinux/libcurl-minimal, range: < 7.76.1-14.el9_0.5
- pkg:rpm/opensuse/curl (openSUSE Leap 15.4), range: < 7.79.1-150400.5.3.1
- pkg:rpm/opensuse/curl (openSUSE Tumbleweed), range: < 7.84.0-1.1
- pkg:rpm/suse/curl (SUSE Linux Enterprise Module for Basesystem 15 SP4), range: < 7.79.1-150400.5.3.1
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/ (mitre; vendor-advisory)
- security.gentoo.org/glsa/202212-01 (mitre; vendor-advisory)
- www.debian.org/security/2022/dsa-5197 (mitre; vendor-advisory)
- seclists.org/fulldisclosure/2022/Oct/28 (mitre; mailing-list)
- seclists.org/fulldisclosure/2022/Oct/41 (mitre; mailing-list)
- hackerone.com/reports/1573634 (mitre)
- security.netapp.com/advisory/ntap-20220915-0003/ (mitre)
- support.apple.com/kb/HT213488 (mitre)
News mentions
No linked articles in our index yet.