8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.8%
TELNET option IAC injection. (CVE-2023-27533) SFTP path ~ resolving discrepancy. (CVE-2023-27534) FTP too eager connection reuse. (CVE-2023-27535) GSS delegation too eager connection re-use. (CVE-2023-27536) HSTS double free. (CVE-2023-27537) SSH connection too eager reuse still. (CVE-2023-27538) UAF in SSH sha256 fingerprint check. (CVE-2023-28319) siglongjmp race condition. (CVE-2023-28320) IDN wildcard match. (CVE-2023-28321) more POST-after-PUT confusion. (CVE-2023-28322) HTTP headers eat all memory. (CVE-2023-38039)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | curl | <Â 7.74.0-1.13 | curl-7.74.0-1.13.mga8 |
Mageia | 9 | noarch | curl | <Â 7.88.1-3.1 | curl-7.88.1-3.1.mga9 |
bugs.mageia.org/show_bug.cgi?id=31703
curl.se/docs/CVE-2023-27533.html
curl.se/docs/CVE-2023-27534.html
curl.se/docs/CVE-2023-27535.html
curl.se/docs/CVE-2023-27536.html
curl.se/docs/CVE-2023-27537.html
curl.se/docs/CVE-2023-27538.html
curl.se/docs/CVE-2023-28319.html
curl.se/docs/CVE-2023-28320.html
curl.se/docs/CVE-2023-28321.html
curl.se/docs/CVE-2023-28322.html
curl.se/docs/CVE-2023-32001.html
curl.se/docs/CVE-2023-38039.html
lists.suse.com/pipermail/sle-security-updates/2023-May/014913.html
ubuntu.com/security/notices/USN-5964-1
ubuntu.com/security/notices/USN-6363-1
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.8%