[SECURITY ADVISORY] curl: CVE-2023-38546

[SECURITY ADVISORY] curl: CVE-2023-38546

Open Source Security 

Posted by Daniel Stenberg on Oct 10

cookie injection with none file
===============================

Project curl Security Advisory, October 11 2023 –
[Permalink](https://curl.se/docs/CVE-2023-38546.html)

VULNERABILITY
————-

This flaw allows an attacker to insert cookies at will into a running program
using libcurl, if the specific series of conditions are met.

libcurl performs transfers. In its API, an application creates „easy handles“
that are the individual…
 Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert