CVE-2023-38039
high-risk
Published 2023-09-15
When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.
Do I need to act?
!
12.3% chance of exploitation in next 30 days
EPSS score — higher than 88% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (12)
Affected Vendors
References (30)
Mailing List
http://seclists.org/fulldisclosure/2023/Oct/17
Mailing List
http://seclists.org/fulldisclosure/2024/Jan/34
Mailing List
http://seclists.org/fulldisclosure/2024/Jan/37
Mailing List
http://seclists.org/fulldisclosure/2024/Jan/38
Third Party Advisory
https://security.gentoo.org/glsa/202310-12
Third Party Advisory
https://security.netapp.com/advisory/ntap-20231013-0005/
Third Party Advisory
https://support.apple.com/kb/HT214036
Third Party Advisory
https://support.apple.com/kb/HT214057
Third Party Advisory
https://support.apple.com/kb/HT214058
Third Party Advisory
https://support.apple.com/kb/HT214063
Third Party Advisory
https://www.insyde.com/security-pledge/SA-2023064
Mailing List
http://seclists.org/fulldisclosure/2023/Oct/17
Mailing List
http://seclists.org/fulldisclosure/2024/Jan/34
Mailing List
http://seclists.org/fulldisclosure/2024/Jan/37
Mailing List
http://seclists.org/fulldisclosure/2024/Jan/38
and 10 more references
55
/ 100
high-risk
Severity
26/34 · High
Exploitability
12/34 · Low
Exposure
17/34 · Moderate