Vulnerability Details : CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
Vulnerability category: Information leak
Products affected by CVE-2023-28322
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:ontap_antivirus_connector:-:*:*:*:*:*:*:*
- cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-28322
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 50 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-28322
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.7
|
LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
2.2
|
1.4
|
NIST |
CWE ids for CVE-2023-28322
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: support@hackerone.com (Secondary)
References for CVE-2023-28322
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/
[SECURITY] Fedora 37 Update: curl-7.85.0-9.fc37 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/
[SECURITY] Fedora 37 Update: curl-7.85.0-9.fc37 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/
[SECURITY] Fedora 38 Update: curl-8.0.1-2.fc38 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/
[SECURITY] Fedora 38 Update: curl-8.0.1-2.fc38 - package-announce - Fedora Mailing-Lists
-
https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html
[SECURITY] [DLA 3692-1] curl security update
-
https://security.netapp.com/advisory/ntap-20230609-0009/
May 2023 cURL/libcURL Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://support.apple.com/kb/HT213845
About the security content of macOS Big Sur 11.7.9 - Apple SupportThird Party Advisory
-
https://hackerone.com/reports/1954658
HackerOneExploit;Patch;Third Party Advisory
-
https://support.apple.com/kb/HT213844
About the security content of macOS Monterey 12.6.8 - Apple SupportThird Party Advisory
-
http://seclists.org/fulldisclosure/2023/Jul/52
Full Disclosure: APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9Mailing List;Third Party Advisory
-
https://security.gentoo.org/glsa/202310-12
curl: Multiple Vulnerabilities (GLSA 202310-12) — Gentoo securityThird Party Advisory
-
http://seclists.org/fulldisclosure/2023/Jul/48
Full Disclosure: APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8Mailing List;Third Party Advisory
-
https://support.apple.com/kb/HT213843
About the security content of macOS Ventura 13.5 - Apple SupportThird Party Advisory
-
http://seclists.org/fulldisclosure/2023/Jul/47
Full Disclosure: APPLE-SA-2023-07-24-4 macOS Ventura 13.5Mailing List;Third Party Advisory
Jump to