{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-28322", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "dateUpdated": "2026-02-13T19:43:18.938Z", "dateReserved": "2023-03-14T00:00:00.000Z", "datePublished": "2023-05-26T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2023-12-22T16:06:14.746Z"}, "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST."}], "affected": [{"vendor": "n/a", "product": "https://github.com/curl/curl", "versions": [{"version": "Fixed in 8.1.0", "status": "affected"}]}], "references": [{"url": "https://hackerone.com/reports/1954658"}, {"name": "FEDORA-2023-37eac50e9b", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"}, {"name": "FEDORA-2023-8ed627bb04", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"}, {"url": "https://security.netapp.com/advisory/ntap-20230609-0009/"}, {"url": "https://support.apple.com/kb/HT213843"}, {"url": "https://support.apple.com/kb/HT213844"}, {"url": "https://support.apple.com/kb/HT213845"}, {"name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Jul/52"}, {"name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Jul/48"}, {"name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Jul/47"}, {"name": "GLSA-202310-12", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202310-12"}, {"name": "[debian-lts-announce] 20231222 [SECURITY] [DLA 3692-1] curl security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "Information Disclosure (CWE-200)", "cweId": "CWE-200"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:38:25.091Z"}, "title": "CVE Program Container", "references": [{"url": "https://hackerone.com/reports/1954658", "tags": ["x_transferred"]}, {"name": "FEDORA-2023-37eac50e9b", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"}, {"name": "FEDORA-2023-8ed627bb04", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"}, {"url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213843", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213844", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213845", "tags": ["x_transferred"]}, {"name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Jul/52"}, {"name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Jul/48"}, {"name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Jul/47"}, {"name": "GLSA-202310-12", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202310-12"}, {"name": "[debian-lts-announce] 20231222 [SECURITY] [DLA 3692-1] curl security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-02-13T19:43:16.334601Z", "id": "CVE-2023-28322", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-13T19:43:18.938Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://hackerone.com/reports/1954658", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "name": "FEDORA-2023-37eac50e9b", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "name": "FEDORA-2023-8ed627bb04", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213843", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213844", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213845", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/52", "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": ["mailing-list", "x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/48", "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": ["mailing-list", "x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/47", "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202310-12", "name": "GLSA-202310-12", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html", "name": "[debian-lts-announce] 20231222 [SECURITY] [DLA 3692-1] curl security update", "tags": ["mailing-list", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:38:25.091Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-28322", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-13T19:43:16.334601Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-13T19:38:28.723Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "https://github.com/curl/curl", "versions": [{"status": "affected", "version": "Fixed in 8.1.0"}]}], "references": [{"url": "https://hackerone.com/reports/1954658"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "name": "FEDORA-2023-37eac50e9b", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "name": "FEDORA-2023-8ed627bb04", "tags": ["vendor-advisory"]}, {"url": "https://security.netapp.com/advisory/ntap-20230609-0009/"}, {"url": "https://support.apple.com/kb/HT213843"}, {"url": "https://support.apple.com/kb/HT213844"}, {"url": "https://support.apple.com/kb/HT213845"}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/52", "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": ["mailing-list"]}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/48", "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": ["mailing-list"]}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/47", "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": ["mailing-list"]}, {"url": "https://security.gentoo.org/glsa/202310-12", "name": "GLSA-202310-12", "tags": ["vendor-advisory"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html", "name": "[debian-lts-announce] 20231222 [SECURITY] [DLA 3692-1] curl security update", "tags": ["mailing-list"]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)"}]}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2023-12-22T16:06:14.746Z"}}}, "cveMetadata": {"cveId": "CVE-2023-28322", "state": "PUBLISHED", "dateUpdated": "2026-02-13T19:43:18.938Z", "dateReserved": "2023-03-14T00:00:00.000Z", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "datePublished": "2023-05-26T00:00:00.000Z", "assignerShortName": "hackerone"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "matchCriteriaId": "376FCCEF-74BD-4A99-8A1E-B70A83D89E71", "versionEndExcluding": "8.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB5312D6-AEEA-4548-B3EF-B07B46168475", "versionEndExcluding": "11.7.9", "versionStartIncluding": "11.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B763A1F-C183-4728-B593-67558FD9FC36", "versionEndExcluding": "12.6.8", "versionStartIncluding": "12.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627", "versionEndExcluding": "13.5", "versionStartIncluding": "13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:ontap_antivirus_connector:-:*:*:*:*:*:*:*", "matchCriteriaId": "759D1A24-B23B-404E-AD39-F18D7DBAD501", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST."}], "id": "CVE-2023-28322", "lastModified": "2026-02-13T20:16:15.183", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-05-26T21:15:16.153", "references": [{"source": "support@hackerone.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Jul/47"}, {"source": "support@hackerone.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Jul/48"}, {"source": "support@hackerone.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Jul/52"}, {"source": "support@hackerone.com", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://hackerone.com/reports/1954658"}, {"source": "support@hackerone.com", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"}, {"source": "support@hackerone.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"}, {"source": "support@hackerone.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"}, {"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202310-12"}, {"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/"}, {"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213843"}, {"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213844"}, {"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213845"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Jul/47"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Jul/48"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Jul/52"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://hackerone.com/reports/1954658"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202310-12"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213843"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213844"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213845"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "support@hackerone.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Daniel Stenberg and Hiroki Kurosawa for reporting this issue.", "affected_release": [{"advisory": "RHSA-2023:4629", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-curl-0:8.2.1-1.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2023-08-15T00:00:00Z"}, {"advisory": "RHSA-2023:4629", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-curl-0:8.2.1-1.el7jbcs", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2023-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:1601", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "curl-0:7.61.1-33.el8_9.5", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:0428", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "curl-0:7.61.1-22.el8_6.12", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-01-25T00:00:00Z"}, {"advisory": "RHSA-2024:0585", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "curl-0:7.61.1-30.el8_8.9", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-01-30T00:00:00Z"}, {"advisory": "RHSA-2023:4354", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "curl-0:7.76.1-23.el9_2.2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-08-01T00:00:00Z"}, {"advisory": "RHSA-2023:4354", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "curl-0:7.76.1-23.el9_2.2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-08-01T00:00:00Z"}, {"advisory": "RHSA-2023:5598", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "curl-0:7.76.1-14.el9_0.7", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-10-10T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.6.18-16", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.6.18-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-409", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.6.18-16", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-481", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.6.18-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-246", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-216", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-430", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-226", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-472", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-loki-rhel8:v2.9.6-16", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.6.18-3", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-operator-bundle:v5.6.18-30", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-rhel8-operator:v5.6.18-12", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-528", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-226", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/vector-rhel8:v0.21.0-127", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.7.13-16", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.7.13-7", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-408", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.7.13-19", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-480", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.7.13-9", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-248", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-215", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-431", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-228", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-471", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-loki-rhel8:v2.9.6-15", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.7.13-3", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-operator-bundle:v5.7.13-27", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-rhel8-operator:v5.7.13-12", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-527", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-225", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/vector-rhel8:v0.28.1-57", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2023:4628", "cpe": "cpe:/a:redhat:jboss_core_services:1", "package": "curl", "product_name": "Text-Only JBCS", "release_date": "2023-08-15T00:00:00Z"}], "bugzilla": {"description": "curl: more POST-after-PUT confusion", "id": "2196793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-440", "details": ["An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.", "A use-after-free flaw was found in the Curl package. This issue may lead to unintended information disclosure by the application."], "name": "CVE-2023-28322", "package_state": [{"cpe": "cpe:/a:redhat:rhel_dotnet:3.1", "fix_state": "Out of support scope", "package_name": "rh-dotnet31-curl", "product_name": ".NET Core 3.1 on Red Hat Enterprise Linux"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2023-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-28322\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-28322\nhttps://curl.se/docs/CVE-2023-28322.html"], "threat_severity": "Low"}