CVE-2023-38039

HIGH

curl 7.84.0-8.2.0 - Denial of Service via Unbounded HTTP Response Header Storage

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-38039. PoCs published by Smartkeyss.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-38039, which targets a memory exhaustion vulnerability in curl via excessive HTTP headers. The exploit server sends a large number of headers to exhaust memory, and a monitoring script tracks curl's memory usage during the attack.

Description

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.

Exploits (1)

nomisec WORKING POC
by Smartkeyss · poc
https://github.com/Smartkeyss/CVE-2023-38039

This repository contains a functional exploit for CVE-2023-38039, which targets a memory exhaustion vulnerability in curl via excessive HTTP headers. The exploit server sends a large number of headers to exhaust memory, and a monitoring script tracks curl's memory usage during the attack.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: curl (version not specified)
No auth needed
Prerequisites: Python 3 · curl installed on target system
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Scores

CVSS v3 7.5
EPSS 0.6225
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-770
Status published
Products (12)
fedoraproject/fedora 37
fedoraproject/fedora 38
fedoraproject/fedora 39
haxx/curl 7.84.0 - 8.3.0
microsoft/windows_10_1809 < 10.0.17763.5122
microsoft/windows_10_21h2 < 10.0.19044.3693
microsoft/windows_10_22h2 < 10.0.19045.3693
microsoft/windows_11_21h2 < 10.0.22000.2600
microsoft/windows_11_22h2 < 10.0.22621.2715
microsoft/windows_11_23h2 < 10.0.22631.2715
... and 2 more
Published Sep 15, 2023
Tracked Since Feb 18, 2026