{"id":"USN-6423-2","summary":"libcue vulnerability","details":"USN-6423-1 fixed a vulnerability in CUE. This update provides the\ncorresponding updates for Ubuntu 23.10.\n\nOriginal advisory details:\n\n It was discovered that CUE incorrectly handled certain files.\n An attacker could possibly use this issue to expose sensitive\n information or execute arbitrary code.\n","modified":"2026-01-30T01:58:13.692008Z","published":"2023-10-17T11:30:16.694649Z","related":["CVE-2023-43641","UBUNTU-CVE-2023-43641"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6423-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-43641"}],"affected":[{"package":{"name":"libcue","ecosystem":"Ubuntu:23.10","purl":"pkg:deb/ubuntu/libcue@2.2.1-4ubuntu1?arch=source&distro=mantic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.1-4ubuntu1"}]}],"versions":["2.2.1-4"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"2.2.1-4ubuntu1","binary_name":"libcue-dev"},{"binary_version":"2.2.1-4ubuntu1","binary_name":"libcue2"},{"binary_version":"2.2.1-4ubuntu1","binary_name":"libcue2-dbgsym"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6423-2.json"}}],"schema_version":"1.7.3"}