Showing 1 - 4 of 4

CVE-2023-38039

Status Candidate

Overview

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.

Related Files

Apple Security Advisory 01-22-2024-7: Posted Jan 29, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 01-22-2024-7 - macOS Monterey 12.7.3 addresses code execution vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple; advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222; SHA-256 | f47b5cc3fc3e2932c779a5e08268ff04f0c8b72f286e970997597391f2eb5f5b; Download | Favorite | View

Apple Security Advisory 01-22-2024-6: Posted Jan 29, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 01-22-2024-6 - macOS Ventura 13.6.4 addresses bypass and code execution vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple; advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-40528, CVE-2023-42887, CVE-2023-42888, CVE-2023-42915, CVE-2023-42935, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222, CVE-2024-23224; SHA-256 | 47401dee058f86008aabd7e82b8eacb1135f296db5a860fbaf2791d6ee670c04; Download | Favorite | View

Apple Security Advisory 01-22-2024-3: Posted Jan 26, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 01-22-2024-3 - iOS 16.7.5 and iPadOS 16.7.5 addresses code execution vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple, ios; advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23206, CVE-2024-23211, CVE-2024-23212, CVE-2024-23213, CVE-2024-23214, CVE-2024-23222; SHA-256 | f808342c47a19d49aca6649451e4d052f6ea01681c6945bc9ba9ef843c24277b; Download | Favorite | View

Ubuntu Security Notice USN-6363-1: Posted Sep 13, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6363-1 - It was discovered that curl incorrectly handled certain large headers. A remote attacker could possibly use this issue to cause curl to consume resources, resulting in a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2023-38039; SHA-256 | c89702b030cc64f8d3350e64da7330b42effa8bc29777a3d99e868602c7788e5; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 292 files
Ubuntu 66 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
liquidsky 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,555)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,729)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,487)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

CVE-2023-38039

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems