Vulnerability CVE-2023-46218: Information
Description
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
curl | sisyphus | 8.5.0-alt1 | 8.7.1-alt2 | ALT-PU-2023-7837-1 | 335914 | Fixed |
curl | sisyphus_e2k | 8.5.0-alt1 | 8.7.1-alt2 | ALT-PU-2023-7859-1 | - | Fixed |
curl | sisyphus_riscv64 | 8.5.0-alt1 | 8.7.1-alt2 | ALT-PU-2023-7947-1 | - | Fixed |
curl | sisyphus_loongarch64 | 8.5.0-alt1 | 8.7.1-alt2 | ALT-PU-2023-7876-1 | - | Fixed |
curl | p10 | 8.5.0-alt1 | 8.7.1-alt2 | ALT-PU-2023-7977-2 | 336240 | Fixed |
curl | p10_e2k | 8.5.0-alt1 | 8.7.1-alt2 | ALT-PU-2023-8121-1 | - | Fixed |
curl | c10f1 | 8.5.0-alt1 | 8.6.0-alt1 | ALT-PU-2023-8316-2 | 337201 | Fixed |
curl | c9f2 | 8.5.0-alt1 | 8.6.0-alt1 | ALT-PU-2023-8180-3 | 336757 | Fixed |