CVE & CISA-KEV Catalog

CVE-2022-3918

HIGH
8.8
CVSS v3
NVD

Description

A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF ( ) injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server, the server may interpret the content after the CRLF as extra headers, or even a second request. For example, consider a URLRequest to http://example.com/ with the GET method. Suppose we set the URLRequest header "Foo" to the value "Bar Extra-Header: Added GET /other HTTP/1.1". When this request is sent, it will appear to the server as two requests: GET / HTTP/1.1 Foo: Bar Extra-Header: Added GET /other HTTP/1.1 In this manner, the client is able to inject extra headers and craft an entirely new request to a separate path, despite only making one API call in URLSession. If a developer has total control over the request and its headers, this vulnerability may not pose a threat. However, this vulnerability escalates if un-sanitized user input is placed in header values. If so, a malicious user could inject new headers or requests to an intermediary or backend server. Developers should be especially careful to sanitize user input in this case, or upgrade their version of swift-corelibs-foundation to include the patch below.

How to fix

Remediation Available
swift foundationNVD
Affected:< 5.7.3Fixed in:5.7.3CVE-2022-3918derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.78%probability of exploitation in 30 days
51stpercentile

Moderate risk: more likely to be exploited than 51% of all known CVEs.

References

Mitigation1

Related Vulnerabilities

Other CWE-74 (Injection) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2013-2251Critical9.8100%KEVFix
CVE-2023-22527Critical9.8100%KEV + RansomFix
CVE-2019-2725Critical9.8100%KEV + RansomFix
CVE-2022-46169Critical9.8100%KEVFix
CVE-2022-35914Critical9.8100%KEV-
CVE-2019-17558High7.599%KEVFix
Embed a live status badge for CVE-2022-3918
CVE-2022-3918 severity badge

Markdown

[![CVE-2022-3918](https://tridentstack.com/cve/badge/CVE-2022-3918.svg)](https://tridentstack.com/cve/CVE-2022-3918)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-3918"><img src="https://tridentstack.com/cve/badge/CVE-2022-3918.svg" alt="CVE-2022-3918"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-04-02.