A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user’s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.

References

bugzilla.redhat.com/show_bug.cgi?id=2179069

curl.se/docs/CVE-2023-27534.html

nvd.nist.gov/vuln/detail/CVE-2023-27534

www.cve.org/CVERecord?id=CVE-2023-27534

debian 1

osv 5

openvas 26

ibm 11

cloudlinux 1

nessus 45

cbl_mariner 5

nvd 1

alpinelinux 1

prion 1

cvelist 1

cve 1

hackerone 2

veracode 1

debiancve 1

ubuntucve 1

redos 1

amazon 2

redhat 5

oraclelinux 1

almalinux 1

ubuntu 1

cloudfoundry 1

fedora 3

freebsd 1

photon 4

slackware 1

aix 1

mageia 1

gentoo 1

ics 3

tenable 1

oracle 2

debian

[SECURITY] [DLA 3763-1] curl security update

2024-03-17 10:44:57

osv

SFTP path ~ resolving discrepancy

2023-03-20 08:00:00

CVE-2023-27534

2023-03-30 20:15:07

curl - security update

2024-03-17 00:00:00

openvas

Debian: Security Advisory (DLA-3763-1)

2024-03-18 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3395)

2023-12-14 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2328)

2023-07-10 00:00:00

ibm

Security Bulletin: IBM Storage Ceph is vulnerable to Path Traversal in the RHEL UBI (CVE-2023-27534)

2024-01-19 22:15:04

Security Bulletin: IBM Event Streams is affected by a libcurl vulnerability

2023-09-25 14:39:23

Security Bulletin: cURL as used by IBM QRadar WinCollect Agent contains multiple vulnerabilities

2023-06-08 21:14:37

cloudlinux

curl: Fix of CVE-2023-27534

2023-04-24 14:48:46

nessus

Debian dla-3763 : curl - security update

2024-03-17 00:00:00

CBL Mariner 2.0 Security Update: curl (CVE-2023-27534)

2023-04-20 00:00:00

RHEL 8 : curl (Unpatched Vulnerability)

2024-06-03 00:00:00

cbl_mariner

CVE-2023-27534 affecting package cmake for versions less than 3.28.2-1

2024-03-19 17:21:46

CVE-2023-27534 affecting package curl for versions less than 8.0.1-1

2023-04-16 00:48:11

CVE-2023-27534 affecting package rust for versions less than 1.72.0-2

2023-10-11 01:41:59

nvd

CVE-2023-27534

2023-03-30 20:15:07

alpinelinux

CVE-2023-27534

2023-03-30 20:15:07

prion

Path traversal

2023-03-30 20:15:00

cvelist

CVE-2023-27534

2023-03-30 00:00:00

cve

CVE-2023-27534

2023-03-30 20:15:07

hackerone

Internet Bug Bounty: CVE-2023-27534: SFTP path ~ resolving discrepancy

2023-03-20 07:36:00

curl: CVE-2023-27534: SFTP path ~ resolving discrepancy

2023-03-05 02:08:44

veracode

Path Traversal

2023-03-21 00:27:43

debiancve

CVE-2023-27534

2023-03-30 20:15:07

ubuntucve

CVE-2023-27534

2023-03-20 00:00:00

redos

ROS-20230406-01

2023-04-06 00:00:00

amazon

Medium: curl

2023-04-13 19:01:00

Medium: curl

2023-06-05 16:39:00

redhat

(RHSA-2023:6679) Moderate: curl security update

2023-11-07 06:11:52

(RHSA-2023:3354) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

2023-06-05 11:45:17

(RHSA-2023:3355) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

2023-06-05 11:45:22

oraclelinux

curl security update

2023-11-11 00:00:00

almalinux

Moderate: curl security update

2023-11-07 00:00:00

ubuntu

curl vulnerabilities

2023-03-20 00:00:00

cloudfoundry

USN-5964-1: curl vulnerabilities | Cloud Foundry

2023-04-29 00:00:00

fedora

[SECURITY] Fedora 36 Update: curl-7.82.0-14.fc36

2023-04-09 01:41:25

[SECURITY] Fedora 38 Update: curl-7.87.0-7.fc38

2023-03-29 00:19:18

[SECURITY] Fedora 37 Update: curl-7.85.0-8.fc37

2023-03-27 02:01:30

freebsd

curl -- multiple vulnerabilities

2023-03-20 00:00:00

photon

Important Photon OS Security Update - PHSA-2023-4.0-0371

2023-04-06 00:00:00

Important Photon OS Security Update - PHSA-2023-3.0-0589

2023-05-31 00:00:00

Critical Photon OS Security Update - PHSA-2023-3.0-0603

2023-06-26 00:00:00

slackware

[slackware-security] curl

2023-03-20 19:35:43

aix

Multiple vulnerabilities cURL libcurl affect AIX

2023-06-29 09:35:59

mageia

Updated curl packages fix security vulnerability

2023-09-25 01:16:18

gentoo

curl: Multiple Vulnerabilities

2023-10-11 00:00:00

ics

Siemens SINEC NMS

2024-02-15 12:00:00

Siemens SCALANCE XCM-/XRM-300

2024-02-15 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

oracle

Oracle Critical Patch Update Advisory - October 2023

2023-10-17 00:00:00

Oracle Critical Patch Update Advisory - July 2023

2023-07-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for RH:CVE-2023-27534