PT-2023-29913 · Curl+6 · Curl+6

Cxshakal

Publicado

2023-12-06

Atualizado

2026-05-18

CVE-2023-46219

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions curl (affected versions not specified)

Description When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Encryption of Sensitive Data

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-311

Identificadores relacionados

ALT-PU-2023-7837

ALT-PU-2023-7977

ALT-PU-2023-8180

ALT-PU-2023-8316

AZL-32120

AZL-32125

AZL-35020

AZL-35781

CLEANSTART-2026-AY18527

CLEANSTART-2026-BW46578

CLEANSTART-2026-DI23929

CLEANSTART-2026-LQ42192

CLEANSTART-2026-OF85770

CVE-2023-46219

DSA-5587-1

MGASA-2023-0345

OESA-2023-1958

OESA-2023-1959

OESA-2023-1960

OESA-2023-1961

OESA-2023-1962

OPENSUSE-SU-2023_4659-1

OPENSUSE-SU-2024:13509-1

RHSA-2024:1316

ROSA-SA-2025-2673

SUSE-SU-2023:4653-1

SUSE-SU-2023:4659-1

USN-6535-1

Produtos afetados

Alt Linux

Debian

Linuxmint

Red Os

Suse

Ubuntu

Curl

PT-2023-29913 · Curl+6 · Curl+6

CVE-2023-46219

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 321