CLSA-2024-1710786562

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2024-1710786562
Upstream
Published
2024-03-18T18:29:24Z
Modified
2026-06-04T09:46:25.068115488Z
Summary
Fix CVE(s): CVE-2023-46218
Details
  • SECURITY UPDATE: Improper cookie domain verification allows malicious HTTP server to set 'super cookies' in package
    • debian/control: Build-Depends: add libpsl-dev
    • debian/patches/CVE-2023-46218.patch: Lowercase domain names before PSL checks to ensure proper comparison
    • CVE-2023-46218
References

Affected packages

TuxCare:Ubuntu:16.04
curl

Package

Name
curl
Purl
pkg:deb/tuxcare/curl?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.23+tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json"
libcurl3

Package

Name
libcurl3
Purl
pkg:deb/tuxcare/libcurl3?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.23+tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json"
libcurl3-gnutls

Package

Name
libcurl3-gnutls
Purl
pkg:deb/tuxcare/libcurl3-gnutls?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.23+tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json"
libcurl3-nss

Package

Name
libcurl3-nss
Purl
pkg:deb/tuxcare/libcurl3-nss?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.23+tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json"
libcurl4-doc

Package

Name
libcurl4-doc
Purl
pkg:deb/tuxcare/libcurl4-doc?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.23+tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json"
libcurl4-gnutls-dev

Package

Name
libcurl4-gnutls-dev
Purl
pkg:deb/tuxcare/libcurl4-gnutls-dev?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.23+tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json"
libcurl4-nss-dev

Package

Name
libcurl4-nss-dev
Purl
pkg:deb/tuxcare/libcurl4-nss-dev?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.23+tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json"
libcurl4-openssl-dev

Package

Name
libcurl4-openssl-dev
Purl
pkg:deb/tuxcare/libcurl4-openssl-dev?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.23+tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2024-1710786562.json"