Cookie Mixed Case PSL Bypass

🗓️ 08 Dec 2023 01:03:15Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 40 Views

Curl vulnerability: Cookie PSL Bypass

Reporter	Title	Published	Views	Family All 242
IBM Security Bulletins	Security Bulletin: IBM Storage Ceph is vulnerable to the Insertion of Sensitive Information Into Sent Data in the RHEL UBI (CVE-2023-46218)	5 Aug 202420:44	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to protobuf-go, libcurl, libexpat, Java SE, IBM GSKit-Crypto, open redirect, buffer overflow condition and golang-fips/openssl vulnerabilities.	30 Apr 202407:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in libcURL affect IBM DevOps Code ClearCase.	15 Jul 202413:21	–	ibm
IBM Security Bulletins	Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2023-46218)	7 Mar 202422:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty and libcurl may affect IBM Storage Protect Backup-Archive Client	26 Jun 202416:23	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management	14 Jun 202416:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities	15 Apr 202502:22	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and IBM Java may affect IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V	15 Apr 202502:18	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability with Kernel and Lib cURL affect IBM Cloud Object Storage Systems (Jan 2024v1)	29 Jan 202423:12	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	18 Aug 202514:19	–	ibm

Vulners

Node

curl curlMatch7.72.0-1debian

AND

debian debian_linuxMatch999

curl curlMatch7.64.0-4+deb10u1debian

AND

curl curlMatch7.64.0-4+deb10u2debian

AND

debian debian_linuxMatch10

curl curlMatch7.74.0-1.3+b1debian

AND

curl curlMatch7.72.0-1debian

AND

debian debian_linuxMatch11

curl curlMatch8.1.1-r1os

AND

curl curlMatch7.87.0-r0os

AND

curl curlMatch8.0.1-r0os

AND

curl curlMatch8.1.0-r2os

AND

curl curlMatch7.87.0-r2os

AND

curl curlMatch7.88.1-r1os

AND

curl curlMatch8.4.0-r0os

AND

curl curlMatch7.87.0-r1os

AND

curl curlMatch7.86.0-r1os

AND

curl curlMatch8.2.1-r0os

AND

curl curlMatch8.1.2-r0os

AND

curl curlMatch8.2.0-r1os

AND

curl curlMatch7.88.1-r0os

AND

curl curlMatch8.3.0-r0os

AND

alpinelinux alpine_linuxMatch3.17

curl curlMatch7.83.1-r1os

AND

curl curlMatch8.1.1-r1os

AND

curl curlMatch7.83.1-r3os

AND

curl curlMatch8.3.0-r0os

AND

curl curlMatch8.2.1-r0os

AND

curl curlMatch7.83.1-r2os

AND

curl curlMatch7.83.1-r4os

AND

curl curlMatch7.83.1-r6os

AND

curl curlMatch7.83.1-r5os

AND

curl curlMatch8.1.0-r2os

AND

curl curlMatch7.83.0-r0os

AND

curl curlMatch8.1.2-r0os

AND

curl curlMatch8.2.0-r1os

AND

curl curlMatch8.4.0-r0os

AND

curl curlMatch8.0.1-r0os

AND

alpinelinux alpine_linuxMatch3.16

curl curlMatch8.1.2-r2os

AND

curl curlMatch7.69.1-r0os

AND

curl curlMatch7.78.0-r0os

AND

curl curlMatch7.88.1-r1os

AND

curl curlMatch7.69.0-r1os

AND

curl curlMatch7.87.0-r3os

AND

curl curlMatch8.2.1-r0os

AND

curl curlMatch8.0.1-r2os

AND

curl curlMatch7.76.0-r0os

AND

curl curlMatch7.85.0-r0os

AND

curl curlMatch8.1.2-r0os

AND

curl curlMatch7.83.0-r0os

AND

curl curlMatch7.77.0-r1os

AND

curl curlMatch8.2.0-r1os

AND

curl curlMatch8.3.0-r1os

AND

curl curlMatch7.87.0-r1os

AND

curl curlMatch7.77.0-r0os

AND

curl curlMatch8.0.1-r1os

AND

curl curlMatch7.87.0-r0os

AND

curl curlMatch8.4.0-r0os

AND

curl curlMatch8.0.1-r3os

AND

curl curlMatch7.79.0-r0os

AND

curl curlMatch7.81.0-r0os

AND

curl curlMatch7.75.0-r0os

AND

curl curlMatch7.78.0-r2os

AND

curl curlMatch7.80.0-r0os

AND

curl curlMatch7.86.0-r1os

AND

curl curlMatch7.76.1-r0os

AND

curl curlMatch8.1.0-r3os

AND

curl curlMatch7.84.0-r0os

AND

curl curlMatch7.68.0-r0os

AND

curl curlMatch8.1.1-r1os

AND

curl curlMatch7.83.1-r1os

AND

curl curlMatch7.84.0-r1os

AND

curl curlMatch7.81.0-r1os

AND

curl curlMatch7.82.0-r0os

AND

curl curlMatch7.79.1-r0os

AND

curl curlMatch8.0.1-r0os

AND

curl curlMatch7.69.0-r0os

AND

curl curlMatch8.3.0-r0os

AND

curl curlMatch8.1.2-r1os

AND

curl curlMatch7.84.0-r2os

AND

alpinelinux alpine_linuxMatchedge

curl curlMatch8.0.1-r0os

AND

curl curlMatch8.2.0-r1os

AND

curl curlMatch8.1.0-r2os

AND

curl curlMatch7.79.1-r0os

AND

curl curlMatch8.2.1-r0os

AND

curl curlMatch7.80.0-r3os

AND

curl curlMatch8.4.0-r0os

AND

curl curlMatch8.3.0-r0os

AND

curl curlMatch7.80.0-r1os

AND

curl curlMatch8.1.2-r0os

AND

curl curlMatch7.80.0-r5os

AND

curl curlMatch7.80.0-r4os

AND

curl curlMatch7.80.0-r2os

AND

curl curlMatch7.80.0-r6os

AND

curl curlMatch7.80.0-r0os

AND

curl curlMatch8.1.1-r1os

AND

alpinelinux alpine_linuxMatch3.15

curl curlMatch8.1.0-r2os

AND

curl curlMatch8.3.0-r0os

AND

curl curlMatch8.1.2-r0os

AND

curl curlMatch8.1.1-r1os

AND

curl curlMatch8.0.1-r2os

AND

curl curlMatch8.4.0-r0os

AND

curl curlMatch8.2.0-r1os

AND

curl curlMatch8.2.1-r0os

AND

alpinelinux alpine_linuxMatch3.18

curl curlMatch8.4.0-r0os

AND

alpinelinux alpine_linuxMatch3.19

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/CVE-2023-46218
curl	www.curl.se/docs/CVE-2023-46218.html
hackerone	www.hackerone.com/reports/2212193
lists	www.lists.debian.org/debian-lts-announce/2023/12/msg00015.html
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/
security	www.security.netapp.com/advisory/ntap-20240125-0007/
debian	www.debian.org/security/2023/dsa-5587

13 Feb 2025 19:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.16.5

EPSS0.00213