CVE-2023-38039

CVE-2023-38039

Name

CVE-2023-38039

Description

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://hackerone.com/reports/2072338
MISC	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/
MISC	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/
MISC	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/
MISC	https://security.gentoo.org/glsa/202310-12
MISC	https://security.netapp.com/advisory/ntap-20231013-0005/
MISC	http://seclists.org/fulldisclosure/2023/Oct/17
support@hackerone.com	https://www.insyde.com/security-pledge/SA-2023064
support@hackerone.com	https://support.apple.com/kb/HT214057
support@hackerone.com	https://support.apple.com/kb/HT214058
support@hackerone.com	https://support.apple.com/kb/HT214063
support@hackerone.com	https://support.apple.com/kb/HT214036
support@hackerone.com	http://seclists.org/fulldisclosure/2024/Jan/34
support@hackerone.com	http://seclists.org/fulldisclosure/2024/Jan/37
support@hackerone.com	http://seclists.org/fulldisclosure/2024/Jan/38

Type

URI

MISC

https://hackerone.com/reports/2072338

MISC

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/

MISC

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/

MISC

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/

MISC

https://security.gentoo.org/glsa/202310-12

MISC

https://security.netapp.com/advisory/ntap-20231013-0005/

MISC

http://seclists.org/fulldisclosure/2023/Oct/17

support@hackerone.com

https://www.insyde.com/security-pledge/SA-2023064

support@hackerone.com

https://support.apple.com/kb/HT214057

support@hackerone.com

https://support.apple.com/kb/HT214058

support@hackerone.com

https://support.apple.com/kb/HT214063

support@hackerone.com

https://support.apple.com/kb/HT214036

support@hackerone.com

http://seclists.org/fulldisclosure/2024/Jan/34

support@hackerone.com

http://seclists.org/fulldisclosure/2024/Jan/37

support@hackerone.com

http://seclists.org/fulldisclosure/2024/Jan/38

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:haxx:curl::::::::`	curl	>= 7.84.0	< 8.3.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

curl

>= 7.84.0

< 8.3.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
curl	edge-main	8.3.0-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
curl	edge-main	8.1.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	8.0.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	7.88.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	7.87.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	7.86.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	7.85.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	7.84.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	3.22-main	8.3.0-r0	None	fixed
curl	3.22-main	8.1.0-r0	None	possibly vulnerable
curl	3.22-main	8.0.0-r0	None	possibly vulnerable
curl	3.22-main	7.88.0-r0	None	possibly vulnerable
curl	3.22-main	7.87.0-r0	None	possibly vulnerable
curl	3.22-main	7.86.0-r0	None	possibly vulnerable
curl	3.22-main	7.85.0-r0	None	possibly vulnerable
curl	3.22-main	7.84.0-r0	None	possibly vulnerable
curl	3.21-main	8.3.0-r0	None	fixed
curl	3.21-main	8.1.0-r0	None	possibly vulnerable
curl	3.21-main	8.0.0-r0	None	possibly vulnerable
curl	3.21-main	7.88.0-r0	None	possibly vulnerable
curl	3.21-main	7.87.0-r0	None	possibly vulnerable
curl	3.21-main	7.86.0-r0	None	possibly vulnerable
curl	3.21-main	7.85.0-r0	None	possibly vulnerable
curl	3.21-main	7.84.0-r0	None	possibly vulnerable
curl	3.20-main	8.3.0-r0	None	fixed
curl	3.20-main	8.1.0-r0	None	possibly vulnerable
curl	3.20-main	8.0.0-r0	None	possibly vulnerable
curl	3.20-main	7.88.0-r0	None	possibly vulnerable
curl	3.20-main	7.87.0-r0	None	possibly vulnerable
curl	3.20-main	7.86.0-r0	None	possibly vulnerable
curl	3.20-main	7.85.0-r0	None	possibly vulnerable
curl	3.20-main	7.84.0-r0	None	possibly vulnerable
curl	3.19-main	8.3.0-r0	None	fixed
curl	3.19-main	8.1.0-r0	None	possibly vulnerable
curl	3.19-main	8.0.0-r0	None	possibly vulnerable
curl	3.19-main	7.88.0-r0	None	possibly vulnerable
curl	3.19-main	7.87.0-r0	None	possibly vulnerable
curl	3.19-main	7.86.0-r0	None	possibly vulnerable
curl	3.19-main	7.85.0-r0	None	possibly vulnerable
curl	3.19-main	7.84.0-r0	None	possibly vulnerable
curl	3.18-main	8.3.0-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
curl	3.17-main	8.3.0-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages