Pycurl is a library that provides Python bindings for curl. The library is only partially modelled in CodeQL. This PR adds support for detecting disabled SSL certificate validation when using pycurl.
The query aims to detect the vulnerable pattern found in CVE-2023-0509.
Query PR
https://github.com/github/codeql/pull/16812
Language
Python
CVE(s) ID list
CVE-2023-0509
CWE
CWE-295
Report
There are many more detections I have found through MRVA. I will keep updating this issue as and when they are converted to CVEs.
In the meantime, the database for the original CVE can be downloaded from the links below.
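As an added illustration of the pattern the query targets (this is example code written for this page, not code from the PR, the CVE, or the pycurl project): pycurl exposes libcurl's certificate checks through `setopt` with the `SSL_VERIFYPEER` and `SSL_VERIFYHOST` options, and passing 0 or False to either one switches that check off. The two snippets below are constructed samples, one disabling both checks and one keeping them on, and the `ast`-based checker is a small syntactic stand-in for what a CodeQL query would report over the same `setopt` calls. It assumes the vulnerable pattern is a literal 0/False passed to one of those two options.

```python
import ast

# Constructed sample inputs for this example (not taken from the CVE or the PR).
# The first disables both peer and hostname verification; the second keeps the
# secure defaults and pins the CA bundle explicitly.
VULNERABLE_SNIPPET = '''
import pycurl
c = pycurl.Curl()
c.setopt(pycurl.URL, "https://example.com/")
c.setopt(pycurl.SSL_VERIFYPEER, 0)
c.setopt(c.SSL_VERIFYHOST, False)
c.perform()
'''

SAFE_SNIPPET = '''
import pycurl
c = pycurl.Curl()
c.setopt(pycurl.URL, "https://example.com/")
c.setopt(pycurl.SSL_VERIFYPEER, 1)
c.setopt(pycurl.SSL_VERIFYHOST, 2)
c.setopt(pycurl.CAINFO, "/etc/ssl/certs/ca-certificates.crt")
c.perform()
'''

# The two libcurl options that control TLS certificate validation in pycurl.
VERIFY_OPTIONS = {"SSL_VERIFYPEER", "SSL_VERIFYHOST"}


def _option_name(node):
    # setopt's first argument is normally an attribute such as
    # pycurl.SSL_VERIFYPEER or curl_obj.SSL_VERIFYPEER; the attribute name is
    # the constant's name either way. A bare name is accepted too.
    if isinstance(node, ast.Attribute):
        return node.attr
    if isinstance(node, ast.Name):
        return node.id
    return None


def _disables_verification(node):
    # A literal 0 or False turns the check off. Anything else (1, 2, True, or a
    # value flowing in from a variable) is left alone by this syntactic check.
    if isinstance(node, ast.Constant):
        return node.value is False or (type(node.value) is int and node.value == 0)
    return False


def find_disabled_cert_validation(source):
    """Return (line, option) for every setopt(...) call that disables
    peer or hostname certificate verification in the given Python source."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        if node.func.attr != "setopt" or len(node.args) != 2:
            continue
        option = _option_name(node.args[0])
        if option in VERIFY_OPTIONS and _disables_verification(node.args[1]):
            findings.append((node.lineno, option))
    return findings


if __name__ == "__main__":
    for label, snippet in (("vulnerable", VULNERABLE_SNIPPET), ("safe", SAFE_SNIPPET)):
        print(label, find_disabled_cert_validation(snippet))
```

The checker only matches literal values passed directly to `setopt`, so a 0 that arrives through a variable, a configuration flag, or a helper function is missed; that data-flow tracking is exactly what a CodeQL query can add on top of the syntactic pattern shown here.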
Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).
Blog post link
No response