Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released

By: Newsroom — October 12^th 2023 at 04:39

Image Source: JFrog Security Research Patches have been released for two security flaws impacting the Curl data transfer library, the most severe of which could potentially result in code execution. The list of vulnerabilities is as follows - CVE-2023-38545 (CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulnerability CVE-2023-38546 (CVSS score: 5.0) - Cookie injection with none file CVE-

The Hacker News

Security Patch for Two New Flaws in Curl Library Arriving on October 11

By: Newsroom — October 9^th 2023 at 10:32

The maintainers of the Curl library have released an advisory warning of two security vulnerabilities that are expected to be addressed as part of an forthcoming update set for release on October 11, 2023. This includes a high-severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively. Additional details about the issues and the exact version

Naked Security

Serious Security: Learning from curl’s latest bug update

By: Paul Ducklin — May 12^th 2022 at 15:08

Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.

FreshRSS

Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released

Security Patch for Two New Flaws in Curl Library Arriving on October 11

Serious Security: Learning from curl’s latest bug update