CVE-2023-38546 — Vulnetix

CVE-2023-38546 PUBLISHED

EPSS 0.44% · 63.6th percentile

Risk Scores

EPSS Score

0.44%

63.6th percentile

Affected Products

Vendor	Product	Versions
Amazon	curl
Amazon	ecs-service-connect-agent

Exploit Intelligence

[CVE-2023-38546] cookie injection with none file (hackerone)
CVE-2023-38546: cookie injection with none file (hackerone)
[CVE-2023-38546] cookie injection with none file (hackerone)
CVE-2023-38546: cookie injection with none file (hackerone)
[CVE-2023-38546] cookie injection with none file (hackerone)
CVE-2023-38546: cookie injection with none file (hackerone)
TestCaseRule-CVE-2025-38555.yara (github-yara)
TestCaseRule-CVE-2025-38555.yara (github-yara)
TestCaseRule-CVE-2025-38555.yara (github-yara)
TestCaseRule-CVE-2025-38555.yara (github-yara)

…and 78 more exploits

Timeline

CVE Published
Oct 11, 2023 PoC Published
Oct 18, 2023 EPSS Score
Nov 18, 2023 EPSS Score
Nov 23, 2023 PoC Published
Dec 19, 2023 EPSS Score
Feb 20, 2024 EPSS Score
Mar 22, 2024 EPSS Score
Apr 22, 2024 EPSS Score
May 23, 2024 EPSS Score
Jun 24, 2024 EPSS Score
Aug 25, 2024 EPSS Score

References

ALAS2ECS-2023-016: ecs-service-connect-agent (important) advisory
ALAS2-2023-2287: curl (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›