libcurl can be told to save cookie, HSTS and/or alt-svc data to files. When
doing this, it called `stat()` followed by `fopen()` in a way that made it
vulnerable to a TOCTOU race condition problem.
By exploiting this flaw, an attacker could trick the victim to create or
overwrite protected files holding this data in ways it was not intended to.
CVSS
No CVSS.
References
No reference.
Configurations
No configuration.
History
01 Aug 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Jul 2023, 05:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Jul 2023, 21:40
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-26 21:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-32001
Mitre link : CVE-2023-32001
CVE.ORG link : CVE-2023-32001
JSON object : View
Products Affected
No product.
CWE
No CWE.