{"id":"CVE-2023-38039","details":"When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory.","aliases":["CURL-CVE-2023-38039"],"modified":"2026-04-02T09:07:50.661652Z","published":"2023-09-15T04:15:10.127Z","related":["MGASA-2023-0263","SUSE-SU-2023:3692-1","SUSE-SU-2023:3823-1","openSUSE-SU-2024:13230-1"],"references":[{"type":"ADVISORY","url":"https://support.apple.com/kb/HT214057"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2024/Jan/38"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202310-12"},{"type":"ADVISORY","url":"https://www.insyde.com/security-pledge/SA-2023064"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2023/Oct/17"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2024/Jan/34"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2024/Jan/37"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT214036"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT214058"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT214063"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20231013-0005/"},{"type":"FIX","url":"https://hackerone.com/reports/2072338"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/curl/curl","events":[{"introduced":"45ac4d019475df03562fe0ac54eb67e1d1de0ca7"},{"fixed":"6fa1d817e5b1a00d7d0c8168091877476b499317"}],"database_specific":{"versions":[{"introduced":"7.84.0"},{"fixed":"8.3.0"}]}}],"versions":["curl-7_84_0","curl-7_85_0","curl-7_86_0","curl-7_87_0","curl-7_88_0","curl-7_88_1","curl-8_0_0","curl-8_0_1","curl-8_1_0","curl-8_1_1","curl-8_1_2","curl-8_2_0","curl-8_2_1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38039.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"37"}]},{"events":[{"introduced":"0"},{"last_affected":"38"}]},{"events":[{"introduced":"0"},{"last_affected":"39"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.17763.5122"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.19044.3693"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.19045.3693"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.22000.2600"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.22621.2715"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.22631.2715"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.17763.5122"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.20348.2113"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}