Lucene search

CVE-2023-27538

🗓️ 30 Mar 2023 20:07:15Reported by hackeroneType

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 due to improper handling of SSH connection reuse

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 141
Tenable Nessus	Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27538)	10 Feb 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-27538	5 Mar 202500:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27538)	20 Apr 202300:00	–	nessus
Tenable Nessus	Debian dla-3398 : curl - security update	25 Apr 202300:00	–	nessus
Tenable Nessus	RHEL 9 : curl (RHSA-2023:6679)	7 Nov 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2023-2523)	31 Jul 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-2308)	9 Jul 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-2328)	9 Jul 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2023-2510)	31 Jul 202300:00	–	nessus
Tenable Nessus	Photon OS 4.0: Curl PHSA-2023-4.0-0371	23 Jul 202400:00	–	nessus

Nvd

Vulners

Node

haxx libcurlRange7.16.1–8.0.0

Node

fedoraproject fedoraMatch36

Node

debian debian_linuxMatch10.0

Node

netapp active_iq_unified_managerMatch-vmware_vsphere

netapp clustered_data_ontapMatch9.0-

broadcom brocade_fabric_operating_system_firmwareMatch-

Node

netapp h300s_firmwareMatch-

AND

netapp h300sMatch-

Node

netapp h500s_firmwareMatch-

AND

netapp h500sMatch-

Node

netapp h700s_firmwareMatch-

AND

netapp h700sMatch-

Node

netapp h410s_firmwareMatch-

AND

netapp h410sMatch-

Node

splunk universal_forwarderRange8.2.0–8.2.12

splunk universal_forwarderRange9.0.0–9.0.6

splunk universal_forwarderMatch9.1.0

[
  {
    "vendor": "n/a",
    "product": "https://github.com/curl/curl",
    "versions": [
      {
        "version": "Fixed in 8.0.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
security	www.security.netapp.com/advisory/ntap-20230420-0010/
lists	www.lists.debian.org/debian-lts-announce/2023/04/msg00025.html
security	www.security.gentoo.org/glsa/202310-12
hackerone	www.hackerone.com/reports/1898475

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Mar 2023 20:15Current

7.1High risk

Vulners AI Score7.1

CVSS35.5 - 7.7

EPSS0.00007

SSVC