all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6429-2: curl vulnerability

Add to bookmarks
Oct. 11, 2023, 3:17 p.m. |

Ubuntu security notices ubuntu.com

USN-6429-1 fixed a vulnerability in curl. This update provides
the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS
and Ubuntu 18.04 LTS.

Original advisory details:

It was discovered that curl incorrectly handled cookies when an application
duplicated certain handles. A local attacker could possibly create a cookie
file and inject arbitrary cookies into subsequent connections.
(CVE-2023-38546)

advisory application attacker connections cookie cookies curl curl vulnerability cve file inject local lts ubuntu update usn vulnerability

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6767-1: Linux kernel vulnerabilities 1 day, 17 hours ago | ubuntu.com
attacker compromise crash cve +19
USN-6766-1: Linux kernel vulnerabilities 1 day, 18 hours ago | ubuntu.com
action attacker conditions crash +19
USN-6765-1: Linux kernel (OEM) vulnerabilities 1 day, 22 hours ago | ubuntu.com
attacker crash cve data +15
USN-6764-1: libde265 vulnerability 1 day, 22 hours ago | ubuntu.com
attacker automated denial of service file +7
USN-6754-2: nghttp2 vulnerability 1 day, 22 hours ago | ubuntu.com
advisory attacker denial of service http +11
USN-6763-1: libvirt vulnerability 2 days, 2 hours ago | ubuntu.com
access attacker authorization issue +6
USN-6757-2: PHP vulnerabilities 6 days, 21 hours ago | ubuntu.com
advisory arbitrary code attacker code +15
USN-6762-1: GNU C Library vulnerabilities 1 week ago | ubuntu.com
arbitrary code attacker attackers code +14
USN-6747-2: Firefox regressions 1 week ago | ubuntu.com
advisory attacker denial of service domains +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Engineer

@ SNC-Lavalin | GB.Bristol.The Hub
View on infosec-jobs.com

Application Security Engineer

@ Virtru | Remote
View on infosec-jobs.com

SC2024-003563 Firewall Coordinator (NS) - TUE 21 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com

Senior Application Security Engineer

@ Fortis Games | Remote - Canada
View on infosec-jobs.com

DevSecOps Manager

@ Philips | Bengaluru – Embassy Business Hub
View on infosec-jobs.com

Information System Security Manager (ISSM)

@ ARA | Raleigh, North Carolina, United States
View on infosec-jobs.com
View more jobs