When saving HSTS data to an excessively long file name, curl could end up
removing all contents, making subsequent requests using that file unaware of
the HSTS status they should otherwise use.

CPENameOperatorVersion
fedoraeq38
curlge7.84.0
curllt8.5.0

Name	Operator	Version
fedora	eq	38
curl	ge	7.84.0
curl	lt	8.5.0

References

curl.se/docs/CVE-2023-46219.html

hackerone.com/reports/2236133

lists.fedoraproject.org/archives/list/[email protected]/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/

security.netapp.com/advisory/ntap-20240119-0007/

www.debian.org/security/2023/dsa-5587

cve 1

openvas 16

debiancve 1

osv 3

nvd 1

cvelist 1

f5 1

nessus 21

ubuntucve 1

cgr 1

veracode 1

redhatcve 1

alpinelinux 1

cbl_mariner 1

hackerone 1

wolfi 1

mageia 1

cloudfoundry 1

fedora 2

amazon 1

debian 1

ubuntu 1

photon 2

ibm 8

redhat 2

ics 1

hp 1

oracle 1

cve

CVE-2023-46219

2023-12-12 02:15:06

openvas

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1760)

2024-05-30 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1625)

2024-05-15 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1737)

2024-05-30 00:00:00

debiancve

CVE-2023-46219

2023-12-12 02:15:06

osv

CVE-2023-46219

2023-12-12 02:15:06

HSTS long filename clears contents

2023-12-06 08:00:00

curl vulnerabilities

2023-12-06 12:11:58

nvd

CVE-2023-46219

2023-12-12 02:15:06

cvelist

CVE-2023-46219

2023-12-12 01:38:41

K000138641 : cURL vulnerability CVE-2023-46219

2024-02-17 00:00:00

nessus

EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-1233)

2024-03-12 00:00:00

Curl 7.84.0 <= 8.4.0 Information Disclosure (CVE-2023-46219)

2024-01-09 00:00:00

EulerOS Virtualization 2.11.0 : curl (EulerOS-SA-2024-1625)

2024-05-15 00:00:00

ubuntucve

CVE-2023-46219

2023-12-06 00:00:00

cgr

CVE-2023-46219 vulnerabilities

2024-05-19 03:07:16

veracode

Missing Encryption Of Sensitive Data

2023-12-08 01:03:15

redhatcve

CVE-2023-46219

2023-12-06 09:47:45

alpinelinux

CVE-2023-46219

2023-12-12 02:15:06

cbl_mariner

CVE-2023-46219 affecting package curl for versions less than 8.5.0-1

2024-01-14 22:46:30

hackerone

curl: CVE-2023-46219: HSTS long file name clears contents

2023-11-02 00:51:08

wolfi

CVE-2023-46219 vulnerabilities

2024-06-24 09:08:26

mageia

Updated curl packages fix security vulnerabilities

2023-12-13 21:32:37

cloudfoundry

USN-6535-1: curl vulnerabilities | Cloud Foundry

2024-03-18 00:00:00

fedora

[SECURITY] Fedora 39 Update: curl-8.2.1-4.fc39

2023-12-10 01:37:35

[SECURITY] Fedora 38 Update: curl-8.0.1-6.fc38

2023-12-15 02:19:17

amazon

Low: curl

2024-01-03 21:04:00

debian

[SECURITY] [DSA 5587-1] curl security update

2023-12-23 19:13:59

ubuntu

curl vulnerabilities

2023-12-06 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2024-4.0-0623

2024-06-04 00:00:00

Moderate Photon OS Security Update - PHSA-2024-5.0-0280

2024-05-28 00:00:00

ibm

Security Bulletin: PowerSC is vulnerable to security restrictions bypass due to Curl (CVE-2023-46218, CVE-2023-46219, CVE-2024-0853)

2024-03-20 18:41:31

Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Real Time Action and Base Module affected by multiple vulnerabilities (CVE-2023-46219, CVE-2023-46218, CVE-2023-52071, CVE-2024-0853)

2024-04-30 20:47:10

Security Bulletin: Vulnerability with Kernel and Lib cURL affect IBM Cloud Object Storage Systems (Jan 2024v1)

2024-01-29 23:30:02

redhat

(RHSA-2024:1316) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 security update

2024-03-18 16:18:02

(RHSA-2024:1317) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 security update

2024-03-18 16:18:09

ics

Siemens SIMATIC RTLS Locating Manager

2024-05-16 12:00:00

HP ThinPro 8.1 SP 2 Security Updates

2024-04-12 00:00:00

oracle

Oracle Critical Patch Update Advisory - April 2024

2024-04-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.5%

JSON

Related for PRION:CVE-2023-46219