all InfoSec news
CVE-2023-38546 (libcurl)
Oct. 18, 2023, 4:15 a.m. |
National Vulnerability Database web.nvd.nist.gov
using libcurl, if the specific series of conditions are met.
libcurl performs transfers. In its API, an application creates "easy handles"
that are the individual handles for single transfers.
libcurl provides a function call that duplicates en easy handle called
[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).
If a transfer has cookies enabled when the handle is duplicated, the
cookie-enable state is also cloned - but without cloning the actual
cookies. If …
api application attacker call called conditions cookies cve cve-2023-38546 easy flaw function libcurl program running series single transfer
More from web.nvd.nist.gov / National Vulnerability Database
CVE-2023-45955 (lightstrip_firmware)
6 months, 2 weeks ago |
web.nvd.nist.gov
CVE-2023-21380 (android)
6 months, 2 weeks ago |
web.nvd.nist.gov
CVE-2023-21381 (android)
6 months, 2 weeks ago |
web.nvd.nist.gov
CVE-2023-21385 (android)
6 months, 2 weeks ago |
web.nvd.nist.gov
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Computer and Forensics Investigator
@ ManTech | 221BQ - Cstmr Site,Springfield,VA
Senior Security Analyst
@ Oracle | United States
Associate Vulnerability Management Specialist
@ Diebold Nixdorf | Hyderabad, Telangana, India