{
  "id": "CVE-2023-32001",
  "sourceIdentifier": "support@hackerone.com",
  "published": "2023-07-26T21:15:10.037",
  "lastModified": "2023-07-26T21:40:11.047",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "libcurl can be told to save cookie, HSTS and/or alt-svc data to files. When\ndoing this, it called `stat()` followed by `fopen()` in a way that made it\nvulnerable to a TOCTOU race condition problem.\n\nBy exploiting this flaw, an attacker could trick the victim to create or\noverwrite protected files holding this data in ways it was not intended to.\n"
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://hackerone.com/reports/2039870",
      "source": "support@hackerone.com"
    }
  ]
}