Showing 1 - 4 of 4

CVE-2023-38039

Status Candidate

Overview

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.

Related Files

Apple Security Advisory 01-22-2024-7: Posted Jan 29, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 01-22-2024-7 - macOS Monterey 12.7.3 addresses code execution vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple; advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222; SHA-256 | f47b5cc3fc3e2932c779a5e08268ff04f0c8b72f286e970997597391f2eb5f5b; Download | Favorite | View

Apple Security Advisory 01-22-2024-6: Posted Jan 29, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 01-22-2024-6 - macOS Ventura 13.6.4 addresses bypass and code execution vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple; advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-40528, CVE-2023-42887, CVE-2023-42888, CVE-2023-42915, CVE-2023-42935, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222, CVE-2024-23224; SHA-256 | 47401dee058f86008aabd7e82b8eacb1135f296db5a860fbaf2791d6ee670c04; Download | Favorite | View

Apple Security Advisory 01-22-2024-3: Posted Jan 26, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 01-22-2024-3 - iOS 16.7.5 and iPadOS 16.7.5 addresses code execution vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple, ios; advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23206, CVE-2024-23211, CVE-2024-23212, CVE-2024-23213, CVE-2024-23214, CVE-2024-23222; SHA-256 | f808342c47a19d49aca6649451e4d052f6ea01681c6945bc9ba9ef843c24277b; Download | Favorite | View

Ubuntu Security Notice USN-6363-1: Posted Sep 13, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6363-1 - It was discovered that curl incorrectly handled certain large headers. A remote attacker could possibly use this issue to cause curl to consume resources, resulting in a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2023-38039; SHA-256 | c89702b030cc64f8d3350e64da7330b42effa8bc29777a3d99e868602c7788e5; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 260 files
Ubuntu 90 files
indoushka 64 files
Jasper Nota 25 files
Gentoo 19 files
Willem Westerhof 19 files
Debian 15 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,090)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,547)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,646)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,459)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,729)
UNIX (9,433)
UnixWare (187)
Windows (6,670)
Other

CVE-2023-38039

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems