The Latest in IT Security

Two High-Risk Security Flaws Discovered in Curl Library – New Patches Released

12
Oct
2023
Two High-Risk Security Flaws Discovered in Curl Library – New Patches Released

image credit: adobe stock

Patches have been released for two security flaws impacting the Curl data transfer library, the most severe of which could potentially result in code execution.

The list of vulnerabilities is as follows –

  • CVE-2023-38545 (CVSS score: 7.5) – SOCKS5 heap-based buffer overflow vulnerability
  • CVE-2023-38546 (CVSS score: 5.0) – Cookie injection with none file

CVE-2023-38545 is the more severe of the two, and has been described by the project’s lead developer, Daniel Stenberg, as “probably the worst Curl security flaw in a long time.” It affects libcurl versions 7.69.0 to and including 8.3.0.

Read More

Comments are closed.

Categories

SATURDAY, JUNE 22, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments