Lucene search
RedHatRHSA-2024:0434HistoryJan 24, 2024 - 2:40 p.m.
(RHSA-2024:0434) Moderate: curl security update
2024-01-2414:40:38
access.redhat.com
9
curl
libcurl
http
ftp
ldap
information disclosure
mixed case flaw
cve-2023-46218
file transfer
ssh server
rhel-14835
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
- curl: information disclosure by exploiting a mixed case flaw (CVE-2023-46218)
Bug Fix(es):
- Cannot upload files bigger than 64K to “SSH-2.0-9.99 sshlib” server, transfer hangs (RHEL-14835)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | ppc64le | curl-minimal-debuginfo | < 7.76.1-14.el9_0.11 | curl-minimal-debuginfo-7.76.1-14.el9_0.11.ppc64le.rpm |
| RedHat | 9 | aarch64 | libcurl | < 7.76.1-14.el9_0.11 | libcurl-7.76.1-14.el9_0.11.aarch64.rpm |
| RedHat | 9 | s390x | curl-debugsource | < 7.76.1-14.el9_0.11 | curl-debugsource-7.76.1-14.el9_0.11.s390x.rpm |
| RedHat | 9 | aarch64 | curl-minimal | < 7.76.1-14.el9_0.11 | curl-minimal-7.76.1-14.el9_0.11.aarch64.rpm |
| RedHat | 9 | i686 | curl-debugsource | < 7.76.1-14.el9_0.11 | curl-debugsource-7.76.1-14.el9_0.11.i686.rpm |
| RedHat | 9 | aarch64 | curl-minimal-debuginfo | < 7.76.1-14.el9_0.11 | curl-minimal-debuginfo-7.76.1-14.el9_0.11.aarch64.rpm |
| RedHat | 9 | s390x | libcurl-minimal | < 7.76.1-14.el9_0.11 | libcurl-minimal-7.76.1-14.el9_0.11.s390x.rpm |
| RedHat | 9 | s390x | curl-minimal-debuginfo | < 7.76.1-14.el9_0.11 | curl-minimal-debuginfo-7.76.1-14.el9_0.11.s390x.rpm |
| RedHat | 9 | x86_64 | curl-debuginfo | < 7.76.1-14.el9_0.11 | curl-debuginfo-7.76.1-14.el9_0.11.x86_64.rpm |
| RedHat | 9 | ppc64le | libcurl-minimal | < 7.76.1-14.el9_0.11 | libcurl-minimal-7.76.1-14.el9_0.11.ppc64le.rpm |
Related
nessus
nessus
Oracle Linux 9 : curl (ELSA-2024-1129)
2024-03-07 00:00:00
EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2024-1467)
2024-03-21 00:00:00
RHEL 9 : curl (RHSA-2024:1129)
2024-03-05 00:00:00
cgr
cgr
CVE-2023-46218 vulnerabilities
2024-05-19 03:07:16
ubuntucve
ubuntucve
CVE-2023-46218
2023-12-06 00:00:00
redhat
redhat
(RHSA-2024:0452) Moderate: curl security update
2024-01-24 14:40:52
(RHSA-2024:1129) Moderate: curl security update
2024-03-05 15:32:04
(RHSA-2024:0585) Moderate: curl security and bug fix update
2024-01-30 12:53:25
osv
osv
cookie mixed case PSL bypass
2023-12-06 08:00:00
curl vulnerability
2024-02-19 08:44:03
curl - security update
2023-12-23 00:00:00
ubuntu
ubuntu
curl vulnerability
2024-02-19 00:00:00
curl vulnerabilities
2023-12-06 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-46218 affecting package curl for versions less than 8.5.0-1
2024-01-14 22:46:30
CVE-2023-46218 affecting package mysql for versions less than 8.0.35-2
2024-01-14 22:46:30
openvas
openvas
Ubuntu: Security Advisory (USN-6641-1)
2024-02-20 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1467)
2024-03-21 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1102)
2024-01-29 00:00:00
hackerone
hackerone
curl: CVE-2023-46218: cookie mixed case PSL bypass
2023-10-16 18:28:56
Internet Bug Bounty: curl cookie mixed case PSL bypass
2023-12-06 12:00:29
almalinux
almalinux
Moderate: curl security update
2024-03-05 00:00:00
Moderate: curl security and bug fix update
2024-04-02 00:00:00
wolfi
wolfi
CVE-2023-46218 vulnerabilities
2024-06-06 03:10:56
prion
prion
Code injection
2023-12-07 01:15:00
ibm
ibm
alpinelinux
alpinelinux
CVE-2023-46218
2023-12-07 01:15:07
aix
aix
f5
f5
K000138650 : cURL vulnerability CVE-2023-46218
2024-02-21 00:00:00
cve
cve
CVE-2023-46218
2023-12-07 01:15:07
redhatcve
redhatcve
CVE-2023-46218
2023-12-06 09:47:42
oraclelinux
oraclelinux
curl security update
2024-03-06 00:00:00
curl security and bug fix update
2024-04-03 00:00:00
amazon
amazon
Medium: curl
2024-04-24 22:15:00
Low: curl
2024-01-03 21:04:00
redos
redos
ROS-20240328-11
2024-03-28 00:00:00
cvelist
cvelist
CVE-2023-46218
2023-12-07 01:10:34
veracode
veracode
Cookie Mixed Case PSL Bypass
2023-12-08 01:03:15
debiancve
debiancve
CVE-2023-46218
2023-12-07 01:15:07
fedora
fedora
[SECURITY] Fedora 39 Update: curl-8.2.1-4.fc39
2023-12-10 01:37:35
[SECURITY] Fedora 38 Update: curl-8.0.1-6.fc38
2023-12-15 02:19:17
debian
debian
[SECURITY] [DLA 3692-1] curl security update
2023-12-22 14:27:56
[SECURITY] [DSA 5587-1] curl security update
2023-12-23 19:13:59
mageia
mageia
Updated curl packages fix security vulnerabilities
2023-12-13 21:32:37
cloudfoundry
cloudfoundry
USN-6535-1: curl vulnerabilities | Cloud Foundry
2024-03-18 00:00:00
rocky
rocky
curl security and bug fix update
2024-04-05 14:55:53
ics
ics
Siemens SIMATIC RTLS Locating Manager
2024-05-16 12:00:00
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00