Dismissed
(max. allowed matches exceeded)
Activity log
- Created & dismissed (max. allowed matches exceeded) suggestion
trailing dot domain super cookie
A flaw in curl’s cookie parsing logic allows a malicious HTTP server to set 'super cookies' that bypass the Public Suffix List check. This enables an attacker-controlled origin to inject cookies that curl subsequently scopes and transmits to unrelated third-party domains.
Affected products
curl
- =<8.2.0
- =<7.71.1
- =<7.50.1
- =<7.56.0
- =<7.72.0
- =<7.68.0
- =<7.64.0
- =<7.64.1
- =<7.63.0
- =<7.76.0
- =<7.59.0
- =<8.6.0
- =<7.74.0
- =<7.58.0
- =<8.1.2
- =<7.67.0
- =<7.48.0
- =<8.15.0
- =<7.65.1
- =<7.54.1
- =<7.55.0
- =<7.77.0
- =<8.7.1
- =<8.11.0
- =<7.79.1
- =<7.83.1
- =<8.16.0
- =<7.66.0
- =<8.12.1
- =<7.46.0
- =<8.10.0
- =<7.62.0
- =<7.53.0
- =<8.18.0
- =<7.51.0
- =<7.61.1
- =<7.76.1
- =<7.49.0
- =<7.73.0
- =<7.75.0
- =<8.14.0
- =<8.20.0
- =<7.70.0
- =<8.5.0
- =<7.65.2
- =<8.8.0
- =<7.79.0
- =<8.4.0
- =<7.88.0
- =<8.12.0
- =<7.50.3
- =<8.0.1
- =<8.2.1
- =<7.52.0
- =<7.53.1
- =<8.13.0
- =<7.47.1
- =<7.82.0
- =<7.65.3
- =<7.47.0
- =<7.69.0
- =<8.3.0
- =<8.0.0
- =<7.84.0
- =<7.65.0
- =<7.78.0
- =<7.85.0
- =<7.81.0
- =<7.60.0
- =<7.52.1
- =<7.57.0
- =<8.1.1
- =<8.14.1
- =<7.50.0
- =<8.19.0
- =<7.55.1
- =<8.9.1
- =<7.87.0
- =<7.88.1
- =<7.50.2
- =<8.9.0
- =<8.11.1
- =<7.71.0
- =<8.17.0
- =<8.1.0
- =<8.10.1
- =<7.61.0
- =<7.69.1
- =<7.54.0
- =<7.83.0
- =<7.80.0
- =<7.86.0
- =<7.56.1
- =<7.49.1
- =<8.7.0