CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
62.5%
libcurl.so is vulnerable to Information Disclosure. The SSH server’s public key is verified with the use of a SHA 256 hash functionality provided by the library, however if the check is unsuccessful, the fingerprint’s memory will be released before an error message is returned. This issue puts users at risk of seeing or learning about private heap-based data that could have been inserted into the error message.
seclists.org/fulldisclosure/2023/Jul/47
seclists.org/fulldisclosure/2023/Jul/48
seclists.org/fulldisclosure/2023/Jul/52
curl.se/docs/CVE-2023-28319.html
github.com/curl/curl/commit/8e21b1a05f3c0ee098dbcb6c3d84cb61f102a122
github.com/curl/curl/pull/11088
hackerone.com/reports/1913733
security.gentoo.org/glsa/202310-12
security.netapp.com/advisory/ntap-20230609-0009/
support.apple.com/kb/HT213843
support.apple.com/kb/HT213844
support.apple.com/kb/HT213845