CVE-2023-28321: Improper Certificate Validation in Curl

Severity: 5.9 MEDIUM (NVD)
EPSS: 0.3% (top 46.94%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published 2023-05-26; latest update 2023-09-11

Description

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converte
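The flaw the description refers to, shown as an added Python illustration (this is not curl's code): a matcher that honours a wildcard anywhere inside the leftmost label, so the pattern `x*.example.com` prefix-matches the punycode (`xn--...`) form of an IDN host, next to a hardened matcher that only honours a whole-label `*.` wildcard. The hardened rule is this example's own choice, following RFC 6125 section 6.4.3, not a copy of the 8.1.0 patch; `vulnerable_hostmatch`, `hardened_hostmatch` and the host `xü.example.com` are constructed for the example.

```python
from __future__ import annotations


def to_ascii(hostname: str) -> str:
    """Convert a hostname to its ASCII A-label (punycode) form, the form a TLS
    client compares against certificate names. Non-ASCII labels come back as
    "xn--..." labels; ASCII input is returned unchanged apart from case."""
    return hostname.rstrip(".").encode("idna").decode("ascii").lower()


def _labels(name: str) -> list[str]:
    """Split a name into its dot-separated labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")


def vulnerable_hostmatch(hostname: str, pattern: str) -> bool:
    """Model of the pre-8.1.0 behaviour described in the advisory: '*' may sit
    anywhere inside the leftmost pattern label, and the text before/after it
    is matched as a prefix/suffix of the hostname's leftmost label."""
    host = _labels(to_ascii(hostname))
    pat = _labels(pattern)
    if len(host) != len(pat) or len(pat) < 3:
        return False              # the pattern needs at least two dots
    if host[1:] != pat[1:]:
        return False              # everything right of the first label must be equal
    if "*" not in pat[0] or pat[0].startswith("xn--"):
        return host[0] == pat[0]  # no usable wildcard: plain label comparison
    prefix, _, suffix = pat[0].partition("*")
    leftmost = host[0]
    # The wildcard must absorb at least one character. Nothing stops the
    # prefix "x" from matching the "xn--" that every punycode label starts with.
    return (len(leftmost) > len(prefix) + len(suffix)
            and leftmost.startswith(prefix)
            and leftmost.endswith(suffix))


def hardened_hostmatch(hostname: str, pattern: str) -> bool:
    """Hardened matcher (this example's own rule, per RFC 6125 6.4.3): a
    wildcard is honoured only when it is the entire leftmost label, so partial
    forms such as "x*.example.com" never match any host and a punycode label
    cannot be reached through a one-letter prefix."""
    host = _labels(to_ascii(hostname))
    pat = _labels(pattern)
    if len(host) != len(pat) or host[1:] != pat[1:]:
        return False
    if "*" not in pat[0]:
        return host[0] == pat[0]
    # Whole-label wildcard only, with at least two labels to its right
    # (so "*.com" is rejected as too wide).
    return pat[0] == "*" and len(pat) >= 3 and host[0] != ""


def demo() -> dict[str, tuple[bool, bool]]:
    """Run both matchers over constructed cases; returns
    {case: (vulnerable_result, hardened_result)}."""
    idn_host = "xü.example.com"  # constructed IDN host; its A-label starts with "xn--"
    cases = {
        "whole-label wildcard": ("www.example.com", "*.example.com"),
        "partial wildcard, ASCII host": ("xray.example.com", "x*.example.com"),
        "partial wildcard, IDN host (the CVE)": (idn_host, "x*.example.com"),
        "wildcard too wide": ("example.com", "*.com"),
        "exact SAN": ("api.example.com", "api.example.com"),
    }
    return {name: (vulnerable_hostmatch(h, p), hardened_hostmatch(h, p))
            for name, (h, p) in cases.items()}


if __name__ == "__main__":
    for name, (vuln, hard) in demo().items():
        print(f"{name:40s} vulnerable={vuln!s:5s} hardened={hard}")
```

The IDN case is the one that matters: `to_ascii("xü.example.com")` yields an `xn--` label, which the vulnerable matcher accepts for `x*.example.com` even though the original name contains nothing resembling an `x`. The hardened matcher also rejects `x*.example.com` for plain ASCII hosts; that is deliberate, since partial-label wildcards are what made the IDN case reachable.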

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 2.2 | Impact: 3.6

Affected Packages (5)

  Source      Package               Affected / fixed
  NVD         haxx/curl             < 8.1.0
  Debian      haxx/curl             < 7.74.0-1.3+deb11u9 (+3 more entries)
  Ubuntu      haxx/curl             < 7.68.0-1ubuntu2.19 (+5 more entries)
  CVEListV5   github.com/curl/curl  Fixed in 8.1.0
  NVD         apple/macos           11.0 to 11.7.9 (+2 more entries)

Also affects: Debian Linux 10.0, Fedora 37, 38

Patches: none listed on this page (the CVEListV5 record above gives the fix as 8.1.0).

🔴 Vulnerability Details (6 listed; 5 captured)
  - OSV: curl vulnerabilities (2023-09-11)
  - OSV: curl regression (2023-07-19)
  - OSV: curl vulnerabilities (2023-07-19)
  - GHSA: GHSA-pgq4-vq29-6v5r (2023-05-26)
  - CVEList: CVE-2023-28321 (2023-05-26)

📋 Vendor Advisories (8 listed; 5 captured)
  - Ubuntu: curl vulnerabilities (2023-09-11)
  - Apple: CVE-2023-28321, macOS Monterey 12.6.8 (2023-07-24)
  - Apple: CVE-2023-28321, macOS Big Sur 11.7.9 (2023-07-24)
  - Apple: CVE-2023-28321, macOS Ventura 13.5 (2023-07-24)
  - Ubuntu: curl vulnerabilities (2023-07-19)

💬 Community (2)
  - HackerOne: CVE-2023-28321: IDN wildcard match (2023-06-25)
  - HackerOne: CVE-2023-28321: IDN wildcard match (2023-05-18)