CVE-2023-46219

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions curl (affected versions not specified)

Description When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-311

Related Identifiers

ALT-PU-2023-7837

ALT-PU-2023-7977

ALT-PU-2023-8180

ALT-PU-2023-8316

AZL-32120

AZL-32125

AZL-35020

AZL-35781

CLEANSTART-2026-AY18527

CLEANSTART-2026-BW46578

CLEANSTART-2026-DI23929

CLEANSTART-2026-LQ42192

CLEANSTART-2026-OF85770

CVE-2023-46219

DSA-5587-1

MGASA-2023-0345

OESA-2023-1958

OESA-2023-1959

OESA-2023-1960

OESA-2023-1961

OESA-2023-1962

OPENSUSE-SU-2023_4659-1

OPENSUSE-SU-2024:13509-1

RHSA-2024:1316

ROSA-SA-2025-2673

SUSE-SU-2023:4653-1

SUSE-SU-2023:4659-1

USN-6535-1

Affected Products

Alt Linux

Debian

Linuxmint

Red Os

Suse

Ubuntu

Curl

CVE-2023-46219

Weakness Enumeration

Related Identifiers

Affected Products

References · 321