{"vulnerability": "CVE-2023-38546", "sightings": [{"uuid": "b105d26b-baa1-49e5-ad1a-4f258f487236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "96b989ca-6051-41ea-9366-fdd0d3da7673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/92582bf5-d92c-47fe-b891-656d271bbfef", "content": "", "creation_timestamp": "2024-10-14T15:50:35.983245Z"}, {"uuid": "360bfc8a-55fc-473d-9c94-ed46e32dec80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://t.me/ctinow/151197", "content": "https://ift.tt/EvtASDu\nInternet Bug Bounty: [CVE-2023-38546] cookie injection with none file", "creation_timestamp": "2023-11-23T03:23:03.000000Z"}, {"uuid": "1a5f7a91-b065-4037-8015-db821d30fbff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://t.me/thehackernews/3979", "content": "\ud83d\udea8 Heads up, Developers! Curl library, backbone of data transfers, to address TWO security vulnerabilities on October 11, 2023. 
\n \nRead: https://thehackernews.com/2023/10/security-patch-for-two-new-flaws-in.html \n \nCVE-2023-38545 & CVE-2023-38546 pose risks; details under wraps.", "creation_timestamp": "2023-10-09T12:36:14.000000Z"}, {"uuid": "a293839c-2685-477d-95df-fc3326440dde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://t.me/ctinow/142676", "content": "https://ift.tt/LMez73f\ncurl: CVE-2023-38546: cookie injection with none file", "creation_timestamp": "2023-10-11T22:22:32.000000Z"}, {"uuid": "9a2d46b2-9ef6-44bd-b25d-e255d57ca4f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://t.me/cibsecurity/72484", "content": "\u203c CVE-2023-38546 \u203c\n\nThis flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates \"easy handles\" that are the individual handles for single transfers. libcurl provides a function call that duplicates an easy handle called [curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html). If a transfer has cookies enabled when the handle is duplicated, the cookie-enable state is also cloned - but without cloning the actual cookies. If the source handle did not read any cookies from a specific file on disk, the cloned version of the handle would instead store the file name as `none` (using the four ASCII letters, no quotes). Subsequent use of the cloned handle that does not explicitly set a source to load cookies from would then inadvertently load cookies from a file named `none` - if such a file exists and is readable in the current directory of the program using libcurl. 
And if using the correct file format of course.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T07:33:31.000000Z"}, {"uuid": "f3452634-16e8-4e24-bf10-b4b44cd6c2cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://t.me/KomunitiSiber/920", "content": "Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released\nhttps://thehackernews.com/2023/10/two-high-risk-security-flaws-discovered.html\n\nPatches have been released for\u00a0two security flaws\u00a0impacting the Curl data transfer library, the most severe of which could potentially result in code execution.\nThe list of vulnerabilities is as follows -\n\nCVE-2023-38545\u00a0(CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulnerability\nCVE-2023-38546\u00a0(CVSS score: 5.0) - Cookie injection with none file\n\nCVE-2023-38545 is the more severe of the", "creation_timestamp": "2023-10-12T06:57:55.000000Z"}, {"uuid": "3579cfc1-cf08-449c-8865-afc2dbed1357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "Telegram/Kx47TlCntu1490zorZUl0W9pF3C_SX_UWayw0MQ5q-BW4Q", "content": "", "creation_timestamp": "2023-10-09T14:40:30.000000Z"}, {"uuid": "95725e6b-975b-4369-8641-e1fcdced425b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "Telegram/FUmCrmhWwvP-ORi_dMRlBZU3S3dLdvxCoSlYA2gHn_cN2A", "content": "", "creation_timestamp": "2023-10-12T08:03:11.000000Z"}, {"uuid": "00de02b8-1f71-4103-8494-cb32ba3775e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2023-38546", "type": "seen", "source": "https://t.me/KomunitiSiber/902", "content": "Security Patch for Two New Flaws in Curl Library Arriving on October 11\nhttps://thehackernews.com/2023/10/security-patch-for-two-new-flaws-in.html\n\nThe maintainers of the\u00a0Curl library\u00a0have released an advisory warning of two forthcoming security vulnerabilities that are expected to be addressed as part of updates released on October 11, 2023.\nThis\u00a0includes\u00a0a high severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively.\nAdditional details about the issues and the exact version ranges", "creation_timestamp": "2023-10-09T13:49:46.000000Z"}, {"uuid": "d1f293a8-2a8c-4c47-9aee-dec631821137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://t.me/true_secator/4944", "content": "The creators of a popular open-source tool that underpins many network protocols, such as SSL, TLS, HTTP, FTP and SMTP, are warning of two vulnerabilities that will be announced shortly. \n\nThe issues concern the well-known curl, which developers and sysadmins use to interact with APIs, download files and build automated workflows, among various other tasks on the internet.\n\nOn GitHub, the tool's creators have already warned that they will release fixes for one high-severity vulnerability, CVE-2023-38545, and for a less critical issue, CVE-2023-38546. \n\nThe curl update will be released on October 11 for both issues. As researchers note, CVE-2023-38545 affects both curl and the libcurl library, while CVE-2023-38546 affects only the library.\n\nThe developers themselves believe that CVE-2023-38545 is, as of today, one of the most serious curl defects in recent times. \n\nSpecific technical details are not being disclosed yet for security reasons, so we are keeping our ears open and waiting for updates.", "creation_timestamp": "2023-10-09T19:38:29.000000Z"}, {"uuid": "d6425dcc-4bb6-4649-b87e-9e675ce3f877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38546", "type": "seen", "source": "https://t.me/SecLabNews/14403", "content": "Curl 8.4.0: developer admitted to the mistakes made and released fixes\n\n\u2716\ufe0f The new version of curl fixes two separate vulnerabilities, CVE-2023-38545 and CVE-2023-38546, which affect both libcurl and curl.\n\n\u2716\ufe0f The first vulnerability is a heap buffer overflow bug that can lead to data corruption and even arbitrary code execution. The second vulnerability involves cookie injection and affects only libcurl.\n\n\u2716\ufe0f Daniel Stenberg admitted that such bugs would not exist in curl if the tool had been written in a safer programming language with a large amount of memory, rather than in the outdated C language.\n\n#curl #\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @SecLabNews", "creation_timestamp": "2023-10-11T21:31:49.000000Z"}]}