View | Details | Raw Unified | Return to bug 275640 | Differences between
and this patch

Collapse All | Expand All

(-)b/security/vuxml/vuln/2023.xml (-1 / +32 lines)
Lines 1-3 Link Here
1 
  <vuln vid="9744c84d-9608-11ee-8731-000af7b98cf6">
2 
    <topic>curl -- multiple vulnerabilities</topic>
3 
    <affects>
4 
      <package>
5 
	<name>curl</name>
6 
	<range><lt>8.5.0</lt></range>
7 
      </package>
8 
    </affects>
9 
    <description>
10 
	<body xmlns="http://www.w3.org/1999/xhtml">
11 
	<p>Harry Sintonen and Maksymilian Arciemowicz reports:</p>
12 
	<blockquote cite="https://curl.se/docs/security.html">
13 
		<p>This update fixes 2 security vulnerabilities:</p>
14 
		<ul>
15 
			<li>Medium CVE-2023-46218: cookie mixed case PSL bypass. Reported by Harry Sintonen on 2023-10-16.</li>
16 
			<li>Low CVE-2023-46219: HSTS long file name clears contents. Reportede by Maksymilian Arciemowicz on 2023-11-2</li>
17 
		</ul>
18 
	</blockquote>
19 
	</body>
20 
    </description>
21 
    <references>
22 
      <cvename>CVE-2023-28318</cvename>
23 
      <url>https://curl.se/docs/CVE-2023-46218.html</url>
24 
      <cvename>CVE-2023-46219</cvename>
25 
      <url>https://curl.se/docs/CVE-2023-46219.html</url>
26 
    </references>
27 
    <dates>
28 
      <discovery>2023-10-16</discovery>
29 
      <entry>2023-12-08</entry>
30 
    </dates>
31 
  </vuln>
32 

            

        

          1
          
  <vuln vid="e07a7754-12a4-4661-b852-fd221d68955f">

          33
          
  <vuln vid="e07a7754-12a4-4661-b852-fd221d68955f">

        

        

          2
          
    <topic>electron25 -- multiple vulnerabilities</topic>

          34
          
    <topic>electron25 -- multiple vulnerabilities</topic>

        

        

          3
          
    <affects>

          35
          
    <affects>

        

            

              4
              
- 

              
              
            






  

  Return to bug 275640