CVE-2023-27533

ADVISORY - nist

Summary

A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.

EPSS Score⁠: 0.00141 (0.350)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-74⁠

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-75⁠

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

ADVISORY - redhat

CWE-75⁠

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

Impacted images

Advisories

NIST

CREATED

3 years ago

UPDATED

11 months ago

ADVISORY IDCVE-2023-27533⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-74⁠CWE-75⁠

CVSS SCORE

8.8high

Alpine

CREATED

3 years ago

UPDATED

27 days ago

ADVISORY IDCVE-2023-27533⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

3 years ago

UPDATED

27 days ago

ADVISORY IDCVE-2023-27533⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

3 years ago

UPDATED

8 months ago

ADVISORY IDCVE-2023-27533⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

8.8low

Alma

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALSA-2023:6679⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDALAS-2023-1727⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2-2023-2070⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2023-2023-193⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

3 years ago

UPDATED

8 months ago

ADVISORY IDCVE-2023-27533⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-75⁠

CVSS SCORE

4.3low

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-6679⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Photon

CREATED

1 year ago

UPDATED

2 months ago

ADVISORY ID

CVE-2023-27533

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

8.8high

intheWild

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDCVE-2023-27533⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY