CVE-2023-46219

When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
Configurations

Configuration 1 (hide)

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

History

19 Jan 2024, 16:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240119-0007/ -

24 Dec 2023, 13:15

Type Values Removed Values Added
References
  • () https://www.debian.org/security/2023/dsa-5587 -

15 Dec 2023, 14:49

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-12 02:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-46219

Mitre link : CVE-2023-46219

CVE.ORG link : CVE-2023-46219


JSON object : View

Products Affected

haxx

  • curl

fedoraproject

  • fedora
CWE
CWE-311

Missing Encryption of Sensitive Data