Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5460-1:ACFDB
HistoryJul 26, 2023 - 7:36 p.m.

[SECURITY] [DSA 5460-1] curl security update

2023-07-2619:36:53
lists.debian.org
61
file path handling
debian
cve-2023-32001
security update
curl

0.0004 Low

EPSS

Percentile

9.1%

JSON

Debian Security Advisory DSA-5460-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
July 26, 2023 https://www.debian.org/security/faq

Package : curl
CVE ID : CVE-2023-32001

It was discovered that Curl performed incorrect file path handling when
saving cookies to files, which could lead to the creation or overwriting
of files.

The oldstable distribution (bullseye) is not affected.

For the stable distribution (bookworm), this problem has been fixed in
version 7.88.1-10+deb12u1.

We recommend that you upgrade your curl packages.

For the detailed security status of curl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/curl

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian12allcurl< 7.88.1-10+deb12u1curl_7.88.1-10+deb12u1_all.deb
Debian12armellibcurl4< 7.88.1-10+deb12u1libcurl4_7.88.1-10+deb12u1_armel.deb
Debian12i386libcurl4-nss-dev< 7.88.1-10+deb12u1libcurl4-nss-dev_7.88.1-10+deb12u1_i386.deb
Debian12arm64curl-dbgsym< 7.88.1-10+deb12u1curl-dbgsym_7.88.1-10+deb12u1_arm64.deb
Debian12s390xlibcurl4-dbgsym< 7.88.1-10+deb12u1libcurl4-dbgsym_7.88.1-10+deb12u1_s390x.deb
Debian12mipsellibcurl4-openssl-dev< 7.88.1-10+deb12u1libcurl4-openssl-dev_7.88.1-10+deb12u1_mipsel.deb
Debian12amd64libcurl4-nss-dev< 7.88.1-10+deb12u1libcurl4-nss-dev_7.88.1-10+deb12u1_amd64.deb
Debian12s390xlibcurl4-openssl-dev< 7.88.1-10+deb12u1libcurl4-openssl-dev_7.88.1-10+deb12u1_s390x.deb
Debian12arm64libcurl3-nss< 7.88.1-10+deb12u1libcurl3-nss_7.88.1-10+deb12u1_arm64.deb
Debian12arm64libcurl3-gnutls< 7.88.1-10+deb12u1libcurl3-gnutls_7.88.1-10+deb12u1_arm64.deb
Rows per page:
1-10 of 1011

Related

nvd 1
openvas 14
veracode 1
nessus 12
cvelist 1
hackerone 2
redhatcve 1
cbl_mariner 3
fedora 2
slackware 1
debiancve 1
ubuntucve 1
cve 1
wolfi 1
prion 1
cgr 1
photon 3
osv 3
cloudfoundry 2
ubuntu 3
ibm 3
gentoo 1
nvd
nvd
CVE-2023-32001
2023-07-26 21:15:10
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2880-1)
2023-07-20 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3026)
2023-10-31 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3355)
2023-12-14 00:00:00
veracode
veracode
Race Condition
2023-07-28 12:50:09
nessus
nessus
SUSE SLES12 Security Update : curl (SUSE-SU-2023:2880-1)
2023-07-20 00:00:00
EulerOS Virtualization 2.11.0 : curl (EulerOS-SA-2023-3374)
2024-01-16 00:00:00
Curl Arbitrary File Write 7.x >= 7.84.0 / 8.x <= 8.1.2 (CVE-2023-32001)
2023-07-26 00:00:00
cvelist
cvelist
CVE-2023-32001
2023-07-26 20:09:57
hackerone
hackerone
curl: CVE-2023-32001: fopen race condition
2023-06-27 07:05:59
Internet Bug Bounty: [curl] CVE-2023-32001: fopen race condition
2023-07-21 03:35:02
redhatcve
redhatcve
CVE-2023-32001
2023-07-19 08:37:27
cbl_mariner
cbl_mariner
CVE-2023-32001 affecting package rust for versions less than 1.72.0-2
2023-10-11 01:41:59
CVE-2023-32001 affecting package curl for versions less than 8.2.1-1
2023-08-18 20:45:02
CVE-2023-32001 affecting package tensorflow for versions less than 2.16.1-1
2024-04-17 22:02:46
fedora
fedora
[SECURITY] Fedora 37 Update: curl-7.85.0-10.fc37
2023-08-01 01:32:25
[SECURITY] Fedora 38 Update: curl-8.0.1-3.fc38
2023-07-22 01:23:13
slackware
slackware
[slackware-security] curl
2023-07-19 20:41:36
debiancve
debiancve
CVE-2023-32001
2023-07-26 21:15:00
ubuntucve
ubuntucve
CVE-2023-32001
2023-07-19 00:00:00
cve
cve
CVE-2023-32001
2023-07-26 21:15:10
wolfi
wolfi
CVE-2023-32001 vulnerabilities
2024-01-25 13:47:19
prion
prion
Design/Logic Flaw
2023-07-26 21:15:00
cgr
cgr
CVE-2023-32001 vulnerabilities
2024-01-25 17:18:02
photon
photon
Moderate Photon OS Security Update - PHSA-2023-3.0-0616
2023-07-20 00:00:00
Moderate Photon OS Security Update - PHSA-2023-4.0-0432
2023-07-19 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0054
2023-07-19 00:00:00
osv
osv
curl vulnerabilities
2023-07-19 12:11:55
curl regression
2023-07-19 17:34:44
curl vulnerabilities
2023-09-11 18:00:42
cloudfoundry
cloudfoundry
USN-6237-2: curl regression | Cloud Foundry
2023-08-10 00:00:00
USN-6237-1: curl vulnerabilities | Cloud Foundry
2024-03-18 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2023-09-11 00:00:00
curl vulnerabilities
2023-07-19 00:00:00
curl regression
2023-07-19 00:00:00
ibm
ibm
Security Bulletin: Multiple publicly disclosed libcurl vulnerabilities affect IBM Safer Payments
2023-12-11 15:17:27
Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities
2023-11-22 15:33:01
Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8
2024-02-28 14:30:22
gentoo
gentoo
curl: Multiple Vulnerabilities
2023-10-11 00:00:00

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for DEBIAN:DSA-5460-1:ACFDB
nvd1openvas14veracode1nessus12cvelist1hackerone2redhatcve1cbl_mariner3fedora2slackware1debiancve1ubuntucve1cve1wolfi1prion1cgr1photon3osv3cloudfoundry2ubuntu3ibm3gentoo1