Be prepared to patch high-severity vulnerability in curl and libcurl

Details about two vulnerabilities (CVE-2023-38545, CVE-2023-38546) in curl, a foundational and widely used open-source software for data transfer via URLs, are to be released on Wednesday, October 11. Daniel Stenberg, the original author and lead developer, has said that the more severe of the two vulnerabilities “is probably the worst curl security flaw in a long time.” About curl and the vulnerabilities Curl (a command-line tool) and libcurl, a client-side URL transfer library, are developed … More →

The post …

author be prepared curl cve daniel data data transfer developer docker don't miss endor labs high hot stuff october open source open-source software patch patching qualys security update severity software sonatype synopsys transfer urls vulnerabilities vulnerability vulnerability disclosure