all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6429-3: curl vulnerabilities

Add to bookmarks
Oct. 17, 2023, 11:22 a.m. |

Ubuntu security notices ubuntu.com

USN-6429-1 fixed vulnerabilities in curl. This update provides the
corresponding updates for Ubuntu 23.10.

Original advisory details:

Jay Satiro discovered that curl incorrectly handled hostnames when using a
SOCKS5 proxy. In environments where curl is configured to use a SOCKS5
proxy, a remote attacker could possibly use this issue to execute arbitrary
code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-38545)

It was discovered that curl incorrectly handled cookies when an application
duplicated certain handles. A local …

advisory arbitrary code attacker code curl environments issue jay proxy socks5 socks5 proxy ubuntu update updates usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6804-1: GNU C Library vulnerabilities 1 day, 19 hours ago | ubuntu.com
attacker buffer buffer overflow cache +17
USN-6803-1: FFmpeg vulnerabilities 2 days, 17 hours ago | ubuntu.com
arbitrary code arbitrary code execution attacker code +15
USN-6802-1: PostgreSQL vulnerability 2 days, 21 hours ago | ubuntu.com
authorization can commands current +9
USN-6801-1: PyMySQL vulnerability 2 days, 21 hours ago | ubuntu.com
attacker attacks injection injection attacks +8
USN-6800-1: browserify-sign vulnerability 2 days, 22 hours ago | ubuntu.com
attack attacker automated check +10
USN-6799-1: Werkzeug vulnerability 3 days, 17 hours ago | ubuntu.com
attacker code debugger host +6
USN-6798-1: GStreamer Base Plugins vulnerability 3 days, 18 hours ago | ubuntu.com
arbitrary code attacker base code +7
USN-6796-1: TPM2 Software Stack vulnerabilities 3 days, 19 hours ago | ubuntu.com
arbitrary code arrays attacker code +10
USN-6797-1: Intel Microcode vulnerabilities 4 days, 1 hour ago | ubuntu.com
access features hardware intel +17

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com