CURL-CVE-2023-46219

Source

https://curl.se/docs/CVE-2023-46219.html

Import Source

https://curl.se/docs/CURL-CVE-2023-46219.json

Aliases

CVE-2023-46219

Published

2023-12-06T08:00:00Z

Modified

2024-01-25T02:42:52.518129Z

Summary

HSTS long file name clears contents

Details

When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.

References

Affected packages

Git / github.com/curl/curl.git

Affected ranges

Type: SEMVER
Events: Introduced

7.84.0

Fixed

8.5.0

Type: GIT
Repo: https://github.com/curl/curl.git
Events: Introduced

20f9dd6bae50b7223171b17ba7798946e74f877f

Fixed

73b65e94f3531179de45c6f3c836a610e3d0a846

Affected versions

7.*

7.84.0

7.85.0

7.86.0

7.87.0

7.88.0

7.88.1

8.*

8.0.0

8.0.1

8.1.0

8.1.1

8.1.2

8.2.0

8.2.1

8.3.0

8.4.0