{"api_version":"1","generated_at":"2026-04-22T18:32:11+00:00","cve":"CVE-2023-28322","urls":{"html":"https://cve.report/CVE-2023-28322","api":"https://cve.report/api/cve/CVE-2023-28322.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-28322","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-28322"},"summary":{"title":"CVE-2023-28322","description":"An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.","state":"PUBLIC","assigner":"support@hackerone.com","published_at":"2023-05-26 21:15:00","updated_at":"2023-12-22 16:15:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/","name":"FEDORA-2023-8ed627bb04","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: curl-7.85.0-9.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/48","name":"20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213843","name":"https://support.apple.com/kb/HT213843","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Ventura 13.5 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213844","name":"https://support.apple.com/kb/HT213844","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Monterey 12.6.8 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202310-12","name":"GLSA-202310-12","refsource":"GENTOO","tags":[],"title":"curl: Multiple Vulnerabilities (GLSA 202310-12) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html","name":"[debian-lts-announce] 20231222 [SECURITY] [DLA 3692-1] curl security update","refsource":"","tags":[],"title":"[SECURITY] [DLA 3692-1] curl security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213845","name":"https://support.apple.com/kb/HT213845","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Big Sur 11.7.9 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/47","name":"20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-07-24-4 macOS Ventura 13.5","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/52","name":"20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230609-0009/","name":"https://security.netapp.com/advisory/ntap-20230609-0009/","refsource":"CONFIRM","tags":[],"title":"May 2023 cURL/libcURL Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/","name":"FEDORA-2023-37eac50e9b","refsource":"","tags":[],"title":"[SECURITY] Fedora 38 Update: curl-8.0.1-2.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/","name":"FEDORA-2023-8ed627bb04","refsource":"","tags":[],"title":"[SECURITY] Fedora 37 Update: curl-7.85.0-9.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://hackerone.com/reports/1954658","name":"https://hackerone.com/reports/1954658","refsource":"MISC","tags":[],"title":"HackerOne","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/","name":"FEDORA-2023-37eac50e9b","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 38 Update: curl-8.0.1-2.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-28322","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28322","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"38","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"haxx","cpe5":"curl","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"clustered_data_ontap","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28322","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"ontap_antivirus_connector","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-28322","qid":"160825","title":"Oracle Enterprise Linux Security Update for curl (ELSA-2023-4354)"},{"cve":"CVE-2023-28322","qid":"161458","title":"Oracle Enterprise Linux Security Update for curl (ELSA-2024-1601)"},{"cve":"CVE-2023-28322","qid":"184725","title":"Debian Security Update for curl (CVE-2023-28322)"},{"cve":"CVE-2023-28322","qid":"199591","title":"Ubuntu Security Notification for curl Vulnerabilities (USN-6237-1)"},{"cve":"CVE-2023-28322","qid":"241893","title":"Red Hat Update for curl (RHSA-2023:4354)"},{"cve":"CVE-2023-28322","qid":"241954","title":"Red Hat Update for JBoss Core Services (RHSA-2023:4629)"},{"cve":"CVE-2023-28322","qid":"242150","title":"Red Hat Update for curl (RHSA-2023:5598)"},{"cve":"CVE-2023-28322","qid":"242817","title":"Red Hat Update for curl (RHSA-2024:0585)"},{"cve":"CVE-2023-28322","qid":"242849","title":"Red Hat Update for curl (RHSA-2024:0428)"},{"cve":"CVE-2023-28322","qid":"243155","title":"Red Hat Update for curl (RHSA-2024:1601)"},{"cve":"CVE-2023-28322","qid":"284014","title":"Fedora Security Update for curl (FEDORA-2023-8ed627bb04)"},{"cve":"CVE-2023-28322","qid":"284076","title":"Fedora Security Update for curl (FEDORA-2023-37eac50e9b)"},{"cve":"CVE-2023-28322","qid":"355747","title":"Amazon Linux Security Advisory for curl : ALAS2023-2023-270"},{"cve":"CVE-2023-28322","qid":"378687","title":"Apple macOS Ventura 13.5 Not Installed (HT213843)"},{"cve":"CVE-2023-28322","qid":"378688","title":"Apple macOS Monterey 12.6.8 Not Installed (HT213844)"},{"cve":"CVE-2023-28322","qid":"378689","title":"Apple macOS Big Sur 11.7.9 Not Installed (HT213845)"},{"cve":"CVE-2023-28322","qid":"503014","title":"Alpine Linux Security Update for curl"},{"cve":"CVE-2023-28322","qid":"6000399","title":"Debian Security Update for curl (DLA 3692-1)"},{"cve":"CVE-2023-28322","qid":"673227","title":"EulerOS Security Update for curl (EulerOS-SA-2023-2350)"},{"cve":"CVE-2023-28322","qid":"673249","title":"EulerOS Security Update for curl (EulerOS-SA-2023-2376)"},{"cve":"CVE-2023-28322","qid":"673298","title":"EulerOS Security Update for curl (EulerOS-SA-2023-2578)"},{"cve":"CVE-2023-28322","qid":"673312","title":"EulerOS Security Update for curl (EulerOS-SA-2023-2608)"},{"cve":"CVE-2023-28322","qid":"673616","title":"EulerOS Security Update for curl (EulerOS-SA-2023-2635)"},{"cve":"CVE-2023-28322","qid":"673678","title":"EulerOS Security Update for curl (EulerOS-SA-2023-2677)"},{"cve":"CVE-2023-28322","qid":"691172","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for curl (a4f8bb03-f52f-11ed-9859-080027083a05)"},{"cve":"CVE-2023-28322","qid":"710772","title":"Gentoo Linux curl Multiple Vulnerabilities (GLSA 202310-12)"},{"cve":"CVE-2023-28322","qid":"754020","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2023:2226-1)"},{"cve":"CVE-2023-28322","qid":"754021","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2023:2228-1)"},{"cve":"CVE-2023-28322","qid":"754022","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2023:2227-1)"},{"cve":"CVE-2023-28322","qid":"754069","title":"SUSE Enterprise Linux Security Update for curl (SUSE-SU-2023:2225-1)"},{"cve":"CVE-2023-28322","qid":"906994","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (26792-1)"},{"cve":"CVE-2023-28322","qid":"906995","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (26791-1)"},{"cve":"CVE-2023-28322","qid":"907008","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for curl (26846-1)"},{"cve":"CVE-2023-28322","qid":"941198","title":"AlmaLinux Security Update for curl (ALSA-2023:4354)"},{"cve":"CVE-2023-28322","qid":"941637","title":"AlmaLinux Security Update for curl (ALSA-2024:1601)"},{"cve":"CVE-2023-28322","qid":"961151","title":"Rocky Linux Security Update for curl (RLSA-2024:1601)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2023-28322","ASSIGNER":"support@hackerone.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"https://github.com/curl/curl","version":{"version_data":[{"version_value":"Fixed in 8.1.0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Information Disclosure (CWE-200)"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://hackerone.com/reports/1954658","url":"https://hackerone.com/reports/1954658"},{"refsource":"FEDORA","name":"FEDORA-2023-37eac50e9b","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"},{"refsource":"FEDORA","name":"FEDORA-2023-8ed627bb04","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230609-0009/","url":"https://security.netapp.com/advisory/ntap-20230609-0009/"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213843","url":"https://support.apple.com/kb/HT213843"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213844","url":"https://support.apple.com/kb/HT213844"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213845","url":"https://support.apple.com/kb/HT213845"},{"refsource":"FULLDISC","name":"20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9","url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"refsource":"FULLDISC","name":"20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8","url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"refsource":"FULLDISC","name":"20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5","url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"refsource":"GENTOO","name":"GLSA-202310-12","url":"https://security.gentoo.org/glsa/202310-12"}]},"description":{"description_data":[{"lang":"eng","value":"An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST."}]}},"nvd":{"publishedDate":"2023-05-26 21:15:00","lastModifiedDate":"2023-12-22 16:15:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":3.7,"baseSeverity":"LOW"},"exploitabilityScore":2.2,"impactScore":1.4}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionEndExcluding":"8.1.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"12.6.8","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.7.9","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:ontap_antivirus_connector:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}