Show plain JSON{"bugzilla": {"description": "curl: fopen race condition", "id": "2222604", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222604"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-367", "details": ["A flaw was found in the curl package. This race condition modifies the behavior of symbolic link files in affected components which might be followed instead of overwritten when the condition is met, leading to undesired and potentially destructive behavior."], "name": "CVE-2023-32001", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_core_services:1", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat JBoss Core Services"}], "public_date": "2023-07-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-32001\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-32001\nhttps://curl.se/docs/CVE-2023-32001.html"], "statement": "This issue does not affect the Curl package as shipped in Red Hat Enterprise Linux 6, 7, 8, and 9.", "threat_severity": "Moderate"}