{"api_version":"1","generated_at":"2026-04-22T18:31:55+00:00","cve":"CVE-2023-28319","urls":{"html":"https://cve.report/CVE-2023-28319","api":"https://cve.report/api/cve/CVE-2023-28319.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-28319","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-28319"},"summary":{"title":"CVE-2023-28319","description":"A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.","state":"PUBLIC","assigner":"support@hackerone.com","published_at":"2023-05-26 21:15:00","updated_at":"2023-10-20 18:42:00"},"problem_types":["CWE-416"],"metrics":[],"references":[{"url":"http://seclists.org/fulldisclosure/2023/Jul/48","name":"20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213843","name":"https://support.apple.com/kb/HT213843","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Ventura 13.5 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213844","name":"https://support.apple.com/kb/HT213844","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Monterey 12.6.8 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202310-12","name":"GLSA-202310-12","refsource":"GENTOO","tags":[],"title":"curl: Multiple Vulnerabilities (GLSA 202310-12) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213845","name":"https://support.apple.com/kb/HT213845","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Big Sur 11.7.9 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://hackerone.com/reports/1913733","name":"https://hackerone.com/reports/1913733","refsource":"MISC","tags":[],"title":"HackerOne","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/47","name":"20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-07-24-4 macOS Ventura 13.5","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/52","name":"20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230609-0009/","name":"https://security.netapp.com/advisory/ntap-20230609-0009/","refsource":"CONFIRM","tags":[],"title":"May 2023 cURL/libcURL Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-28319","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28319","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"28319","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"haxx","cpe5":"curl","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"clustered_data_ontap","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28319","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"ontap_antivirus_connector","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-28319","qid":"183843","title":"Debian Security Update for curl (CVE-2023-28319)"},{"cve":"CVE-2023-28319","qid":"241954","title":"Red Hat Update for JBoss Core Services (RHSA-2023:4629)"},{"cve":"CVE-2023-28319","qid":"355747","title":"Amazon Linux Security Advisory for curl : ALAS2023-2023-270"},{"cve":"CVE-2023-28319","qid":"378687","title":"Apple macOS Ventura 13.5 Not Installed (HT213843)"},{"cve":"CVE-2023-28319","qid":"378688","title":"Apple macOS Monterey 12.6.8 Not Installed (HT213844)"},{"cve":"CVE-2023-28319","qid":"378689","title":"Apple macOS Big Sur 11.7.9 Not Installed (HT213845)"},{"cve":"CVE-2023-28319","qid":"503014","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2023-28319","qid":"691172","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for curl (a4f8bb03-f52f-11ed-9859-080027083a05)"},{"cve":"CVE-2023-28319","qid":"710772","title":"Gentoo Linux curl Multiple Vulnerabilities (GLSA 202310-12)"},{"cve":"CVE-2023-28319","qid":"754069","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2023:2225-1)"},{"cve":"CVE-2023-28319","qid":"907198","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (26795-1)"},{"cve":"CVE-2023-28319","qid":"907375","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for rust (26810-1)"},{"cve":"CVE-2023-28319","qid":"907644","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (26807-1)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2023-28319","ASSIGNER":"support@hackerone.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"https://github.com/curl/curl","version":{"version_data":[{"version_value":"Fixed in 8.1.0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Use After Free (CWE-416)"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://hackerone.com/reports/1913733","url":"https://hackerone.com/reports/1913733"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230609-0009/","url":"https://security.netapp.com/advisory/ntap-20230609-0009/"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213843","url":"https://support.apple.com/kb/HT213843"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213844","url":"https://support.apple.com/kb/HT213844"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213845","url":"https://support.apple.com/kb/HT213845"},{"refsource":"FULLDISC","name":"20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9","url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"refsource":"FULLDISC","name":"20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8","url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"refsource":"FULLDISC","name":"20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5","url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"refsource":"GENTOO","name":"GLSA-202310-12","url":"https://security.gentoo.org/glsa/202310-12"}]},"description":{"description_data":[{"lang":"eng","value":"A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed."}]}},"nvd":{"publishedDate":"2023-05-26 21:15:00","lastModifiedDate":"2023-10-20 18:42:00","problem_types":["CWE-416"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionEndExcluding":"8.1.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"12.6.8","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.7.9","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:ontap_antivirus_connector:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}