CVE-2023-46218
Published: 2023-12-07
Priority: P3 (37)
CVSS 3.1: 6.5 medium (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
EPSS: 1.69% (74.0th percentile)
This flaw allows a malicious HTTP server to set "super cookies" in curl that
are then passed back to more origins than what is otherwise allowed or
possible. This allows a site to set cookies that then would get sent to
different and unrelated sites and domains.
It could do this by exploiting a mixed case flaw in curl's function that
verifies a given cookie domain against the Public Suffix List (PSL). For
example a cookie could be set with `domain=co.UK` when the URL used a lower
case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.
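The bypass described above, and the root cause given in the HackerOne report further down this page (the strings handed to `psl_is_cookie_domain_acceptable` were never lower-cased), modelled in Python as an added example. This is not curl or libpsl code: `PUBLIC_SUFFIXES` is a constructed three-entry stand-in for the real Public Suffix List, the acceptability check is a deliberately simplified model of the real rule, the cookie jar and scenario are the editor's, and `bank.co.uk` is a hypothetical victim host.

```python
"""Model of the CVE-2023-46218 mixed-case PSL bypass (added illustration;
not curl or libpsl source). PUBLIC_SUFFIXES is a constructed stand-in for
the real Public Suffix List and the acceptability check is a simplified
model of the real one."""
from typing import Callable, Dict, List, Tuple

# Constructed stand-in for the PSL. The real list is published in lower
# case, so an exact lookup against it only works on lower-case input.
PUBLIC_SUFFIXES = frozenset({"com", "uk", "co.uk", "org.uk"})


def domain_match(host: str, cookie_domain: str) -> bool:
    """Case-insensitive domain match, the rule cookie engines apply when
    deciding whether to *send* a stored cookie to a host."""
    host, cookie_domain = host.lower(), cookie_domain.lower()
    return host == cookie_domain or host.endswith("." + cookie_domain)


def psl_acceptable_unnormalised(host: str, cookie_domain: str) -> bool:
    """Vulnerable shape: the list lookup is exact and case-sensitive, but the
    caller passes the strings as received. 'co.UK' is therefore not found in
    the list, while the case-insensitive host match still succeeds."""
    if cookie_domain in PUBLIC_SUFFIXES:
        return False
    return domain_match(host, cookie_domain)


def psl_acceptable_normalised(host: str, cookie_domain: str) -> bool:
    """Fixed shape: lower-case both strings before the lookup, which is the
    normalisation the libpsl documentation asks callers to perform."""
    return psl_acceptable_unnormalised(host.lower(), cookie_domain.lower())


class CookieJar:
    """Minimal jar: stores (name, value, domain) and replays by domain match."""

    def __init__(self, acceptable: Callable[[str, str], bool]) -> None:
        self._acceptable = acceptable
        self._cookies: List[Tuple[str, str, str]] = []

    def set_from_response(self, request_host: str, set_cookie: str) -> bool:
        """Parse 'name=value; Domain=x' and store it if the domain passes the
        acceptability check. Returns True when the cookie was accepted."""
        parts = [p.strip() for p in set_cookie.split(";")]
        name, _, value = parts[0].partition("=")
        domain = request_host                      # host-only cookie by default
        for attr in parts[1:]:
            key, _, val = attr.partition("=")
            if key.strip().lower() == "domain" and val.strip():
                domain = val.strip().lstrip(".")   # a leading dot is ignored
        if not self._acceptable(request_host, domain):
            return False
        self._cookies.append((name.strip(), value.strip(), domain))
        return True

    def cookies_for(self, host: str) -> Dict[str, str]:
        """Cookies that would be attached to a request for `host`."""
        return {n: v for n, v, d in self._cookies if domain_match(host, d)}


def run_scenario(acceptable: Callable[[str, str], bool]) -> Tuple[bool, bool]:
    """Constructed scenario from the advisory: curl.co.uk sets Domain=co.UK.
    Returns (cookie accepted, cookie later sent to the unrelated bank.co.uk)."""
    jar = CookieJar(acceptable)
    accepted = jar.set_from_response("curl.co.uk", "sid=evil; Domain=co.UK")
    leaked = "sid" in jar.cookies_for("bank.co.uk")
    return accepted, leaked


if __name__ == "__main__":
    print("unnormalised:", run_scenario(psl_acceptable_unnormalised))  # (True, True)
    print("normalised:  ", run_scenario(psl_acceptable_normalised))    # (False, False)
```

The unnormalised variant accepts `Domain=co.UK` from `curl.co.uk` and then replays that cookie to `bank.co.uk`, because the send-side match is case-insensitive even though the list lookup was not; lower-casing both strings before the lookup, as the upstream fix does, closes the gap without rejecting a legitimate `Domain=.example.com` cookie.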
Affected
35 ranges (25 shown on the page; identical rows merged)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| curl | curl | 8.4.0 – 8.4.0 | — |
| debian | curl | < 7.88.1-10+deb12u5 (bookworm) | 7.88.1-10+deb12u5 (bookworm) |
| fedoraproject | fedora | — | — |
| haxx | curl | >= 0 < 8.5.0-r0 | 8.5.0-r0 |
| haxx | curl | >= 0 < 7.74.0-1.3+deb11u11 | 7.74.0-1.3+deb11u11 |
| haxx | curl | >= 0 < 7.88.1-10+deb12u5 | 7.88.1-10+deb12u5 |
| haxx | curl | >= 0 < 8.5.0-1 | 8.5.0-1 |
| haxx | curl | >= 0 < 7.68.0-1ubuntu2.21 | 7.68.0-1ubuntu2.21 |
| haxx | curl | >= 0 < 7.81.0-1ubuntu1.15 | 7.81.0-1ubuntu1.15 |
| haxx | curl | 7.46.0 – 8.4.0 | 8.5.0 |
| msrc | azl3_cmake_3.28.2-6_on_azure_linux_3.0 | — | — |
| msrc | azl3_cmake_3.29.6-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_mysql_8.0.36-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_mysql_8.0.40-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.75.0-14_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.86.0-1_on_azure_linux_3.0 | — | — |
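A triage helper for the upstream range in the table above, added here as an example and not a curl project tool. It reads the first line and the `Features:` line of a `curl -V` banner; the four banners are constructed samples shaped like real output, and the bounds are taken from the table (7.46.0 through 8.4.0 affected, 8.5.0 fixed). A build without PSL support is reported as `no-psl-check` rather than `fixed`: the flawed function is only reached in builds that have PSL support, so such a build is a different configuration to assess, not a patched one.

```python
"""Classify a `curl -V` banner for CVE-2023-46218 exposure (added helper, not
from the curl project). Bounds come from the affected range on this page:
7.46.0 through 8.4.0 are affected and 8.5.0 carries the fix. The banners are
constructed samples, not captured from real systems."""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

AFFECTED_MIN: Version = (7, 46, 0)   # first release whose PSL check has the flaw
FIXED_IN: Version = (8, 5, 0)        # upstream fix

BANNER_AFFECTED = """curl 8.4.0 (x86_64-pc-linux-gnu) libcurl/8.4.0 OpenSSL/3.0.11 zlib/1.2.13 libpsl/0.21.2
Release-Date: 2023-10-11
Protocols: dict file ftp ftps http https
Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz PSL SSL threadsafe TLS-SRP UnixSockets
"""
BANNER_FIXED = """curl 8.5.0 (x86_64-pc-linux-gnu) libcurl/8.5.0 OpenSSL/3.0.11 zlib/1.2.13 libpsl/0.21.2
Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz PSL SSL threadsafe TLS-SRP UnixSockets
"""
BANNER_NO_PSL = """curl 8.2.1 (x86_64-pc-linux-gnu) libcurl/8.2.1 OpenSSL/3.0.9 zlib/1.2.13
Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz SSL threadsafe UnixSockets
"""
# Tool and library can differ: an 8.5.0 binary dynamically linked against libcurl 8.4.0.
BANNER_OLD_LIB = """curl 8.5.0 (x86_64-pc-linux-gnu) libcurl/8.4.0 OpenSSL/3.0.11 zlib/1.2.13 libpsl/0.21.2
Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz PSL SSL threadsafe TLS-SRP UnixSockets
"""


def _first_line(banner: str) -> str:
    return banner.splitlines()[0] if banner.strip() else ""


def _to_version(match: Optional["re.Match[str]"]) -> Optional[Version]:
    if match is None:
        return None
    major, minor, patch = (int(x) for x in match.groups())
    return (major, minor, patch)


def parse_versions(banner: str) -> Tuple[Optional[Version], Optional[Version]]:
    """Return (curl tool version, libcurl version) from the first banner line."""
    first = _first_line(banner)
    tool = re.match(r"curl (\d+)\.(\d+)\.(\d+)", first)
    lib = re.search(r"\blibcurl/(\d+)\.(\d+)\.(\d+)", first)
    return _to_version(tool), _to_version(lib)


def built_with_psl(banner: str) -> bool:
    """True when the build can run the PSL check at all: 'PSL' listed under
    Features, or a libpsl/ version printed on the first line."""
    for line in banner.splitlines():
        if line.startswith("Features:") and "PSL" in line.split()[1:]:
            return True
    return "libpsl/" in _first_line(banner)


def classify(banner: str) -> str:
    """One of: unknown, no-psl-check, below-affected-range, vulnerable, fixed.
    The libcurl version decides when present, because the cookie engine lives
    in the library, not in the command-line tool."""
    tool, lib = parse_versions(banner)
    version = lib or tool
    if version is None:
        return "unknown"
    if not built_with_psl(banner):
        return "no-psl-check"          # the flawed function is never reached
    if version < AFFECTED_MIN:
        return "below-affected-range"
    if version < FIXED_IN:
        return "vulnerable"
    return "fixed"


if __name__ == "__main__":
    for label, banner in [("affected", BANNER_AFFECTED), ("fixed", BANNER_FIXED),
                          ("no psl", BANNER_NO_PSL), ("old lib", BANNER_OLD_LIB)]:
        print(f"{label:9s} -> {classify(banner)}")
```

Distribution packages backport the fix without bumping the upstream version, so a Debian bookworm build still prints `curl 7.88.1` in its banner while the table above lists `7.88.1-10+deb12u5` as fixed. For distro builds, compare the package version (`dpkg -s curl`, `rpm -q curl`) against the vendor rows rather than trusting the banner alone.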
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
| osv | 6.5 | MEDIUM | — |
| vendor_debian | 6.5 | MEDIUM | — |
| vendor_msrc | 6.5 | MEDIUM | — |
| vendor_oracle | 6.5 | MEDIUM | — |
| vendor_redhat | 6.5 | MEDIUM | — |
| vendor_ubuntu | 6.5 | MEDIUM | — |
Palo Alto
PAN-SA-2025-0012 Informational Bulletin: OSS CVEs Fixed in PAN-OS
vendor_paloalto · 2025-07-09 · CVSS 7.5 (indexed under CVE-2018-6594 [HIGH])
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS. While it was not determined that these CVEs have any significant impact on PAN-OS, they have been fixed out of an abundance of caution.
- CVE-2018-6594: fixed in PAN-OS 10.2.17, 11.1.11, 11.2.8, 12.1.2, and all later versions of PAN-OS
- CVE-2018-25032: fixed in PAN-OS 10.1.7, 10.2.2, and all later versions of PAN-OS
- CVE-2019-5827: fixed in PAN-OS 11.1.4 and all later versions of PAN-OS
- CVE-2019-13750: fixed in PAN-OS 11.1.4 and all later versions of PAN-OS
- CVE-2019-13751: fixed in PAN-OS 11.1.4 and all later versions…
CISA ICS
Siemens SIMATIC S7-1500 CPU Family
cisa_ics · 2025-06-12 · ICS Advisory
Release date: June 12, 2025
Alert code: ICSA-25-162-05
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.7
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC S7-1500 CPU family
- Vulnerabilities: Missing Encryption of Sensitive Data, Out-of-bounds Read, Use After Free, Stack-
Oracle
Oracle Communications Risk Matrix: Automated Test Suite (curl) — CVE-2023-46218
vendor_oracle · 2025-01-15 · CVSS 6.5 [MEDIUM]
CVE: CVE-2023-46218
CVSS: 6.5
Protocol: HTTP
Remote exploit: Yes
Attack vector: Network
Advisory: cpujan2025 (JAN 2025)
CISA ICS
Siemens SINEC NMS
cisa_ics · 2024-11-14 · ICS Advisory
Release date: November 14, 2024
Alert code: ICSA-24-319-04
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEC NMS
- Vulnerabilities: Improper Input Validation, Improper Check for Unusual or Exceptional Conditions, Out-of-bounds Write, Uncontro
Oracle
Oracle Communications Applications Risk Matrix: Installation (curl) — CVE-2023-46218
vendor_oracle · 2024-07-15 · CVSS 6.5 [MEDIUM]
CVE: CVE-2023-46218
CVSS: 6.5
Protocol: HTTP
Remote exploit: Yes
Attack vector: Network
Advisory: cpujul2024 (JUL 2024)
CISA ICS
Siemens SIMATIC RTLS Locating Manager
cisa_ics · 2024-05-16 · ICS Advisory
Release date: May 16, 2024
Alert code: ICSA-24-137-07
## 1. EXECUTIVE SUMMARY
- CVSS v4 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC RTLS Locating Manager
- Vulnerabilities: Improper Input Validation, Improper Check for Unusual or Exceptional Conditions, Uncontrolled Resource Consumption, Excessive Iteration, Allocation of Resources Wi
Oracle
Oracle Fusion Middleware Risk Matrix: SSL Module (curl) — CVE-2023-46218
vendor_oracle · 2024-04-15 · CVSS 6.5 [MEDIUM]
CVE: CVE-2023-46218
CVSS: 6.5
Protocol: TLS
Remote exploit: Yes
Attack vector: Network
Advisory: cpuapr2024 (APR 2024)
Ubuntu
curl vulnerability
vendor_ubuntu · 2024-02-19 · CVE-2023-46218
Summary: curl could be made to set cookies that would bypass PSL checks.
Harry Sintonen discovered that curl incorrectly handled mixed case cookie
domains. A remote attacker could possibly use this issue to set cookies
that get sent to different and unrelated sites and domains.
Instructions: In general, a standard system update will make all the necessary changes.
Microsoft
CVE-2023-46218 [MEDIUM]
vendor_msrc · 2023-12-12 · CVSS 6.5
(Description identical to the curl advisory text at the top of the page.)
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the co
Red Hat
curl: information disclosure by exploiting a mixed case flaw
vendor_redhat · 2023-12-06 · CVSS 6.5 · CVE-2023-46218 [MEDIUM] · CWE-201
(Description identical to the curl advisory text at the top of the page.)
Ubuntu
curl vulnerabilities
vendor_ubuntu · 2023-12-06 · CVSS 6.5 (indexed under CVE-2023-46219 [MEDIUM])
Summary: Several security issues were fixed in curl.
Harry Sintonen discovered that curl incorrectly handled mixed case cookie
domains. A remote attacker could possibly use this issue to set cookies
that get sent to different and unrelated sites and domains.
(CVE-2023-46218)
Maksymilian Arciemowicz discovered that curl incorrectly handled long file
names when saving HSTS data. This could result in curl losing HSTS data,
and subsequent requests to a site would be done without it, contrary to
expectations. This issue only affected Ubuntu 23.04 and Ubuntu 23.10.
(CVE-2023-46219)
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2023-46218: curl
vendor_debian · 2023 · CVSS 6.5 [MEDIUM]
(Description identical to the curl advisory text at the top of the page.)
Scope: local
bookworm: resolved (fixed in 7.88.1-10+deb12u5)
bullseye: resolved (fixed in 7.74.0-1.3+deb11u11)
forky: resolved (fixed in 8.5.0-1)
sid: resolved (fixed in 8.5.0-1)
trixie: resolved (fixed in 8.5.0-1)
OSV
CVE-2023-46218
osv · 2023-12-07 · CVSS 6.5 [MEDIUM]
(Description identical to the curl advisory text at the top of the page.)
GHSA
GHSA-59mm-6rr4-j9p2 (CVE-2023-46218 [MEDIUM], CWE-178)
ghsa_unreviewed · 2023-12-07
(Description identical to the curl advisory text at the top of the page.)
OSV
curl vulnerabilities
osv · 2023-12-06 · CVSS 6.5 · CVE-2023-46218 [MEDIUM]
(Text identical to the Ubuntu "curl vulnerabilities" entry above, covering CVE-2023-46218 and CVE-2023-46219.)
No detection rules found.
No public exploits indexed.
HackerOne
curl cookie mixed case PSL bypass
hackerone · 2023-12-22 · CVSS 6.5 [MEDIUM]
(Description identical to the curl advisory text at the top of the page.)
## Impact
Issue supercookies bypassing the Public Suffix List check.
HackerOne
CVE-2023-46218: cookie mixed case PSL bypass
hackerone · 2023-12-06 · CVSS 6.5 [MEDIUM]
## Summary:
libcurl fails to normalize the `hostname` and `cookie_domain` parameters passed to the `psl_is_cookie_domain_acceptable` function. As a result a malicious site can set a super cookie if the victim requests a URL whose hostname contains any upper case characters in the domain part.
The libpsl `psl_is_cookie_domain_acceptable` documentation (https://rockdaboot.github.io/libpsl/libpsl-Public-Suffix-List-functions.html#psl-is-cookie-domain-acceptable) says the following:
```
Use helper function psl_str_to_utf8lower() for normalization of hostname and cookie_domain .
```
This is not done correctly and hence domains with uppercase characters will bypass the PSL check. Note that curl itself will later ignore the cookie domain capitaliz
References
- https://curl.se/docs/CVE-2023-46218.html
- https://hackerone.com/reports/2212193
- https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/
- https://security.netapp.com/advisory/ntap-20240125-0007/
- https://www.debian.org/security/2023/dsa-5587
- https://cert-portal.siemens.com/productcert/html/ssa-082556.html
- https://cert-portal.siemens.com/productcert/html/ssa-093430.html
- https://cert-portal.siemens.com/productcert/html/ssa-202008.html
- https://cert-portal.siemens.com/productcert/html/ssa-331112.html