Curl Update Available for CVE-2023-38545 and CVE-2023-38546: High-Severity Vulnerability Could Lead to RCE
Malware Analysis, News and Indicators - Latest topics malware.news
curl recently received an update that addressed two critical vulnerabilities in the curl data transfer library, identified as CVE-2023-38545 and CVE-2023-38546. Successful exploitation of these vulnerabilities could enable code execution and cookie injection.
Details of curl Vulnerabilities
CVE-2023-38545 (CVSS score: 7.5, High severity):
CVE-2023-38545, a heap-based buffer overflow vulnerability in SOCKS5, can potentially result in Remote Code Execution (RCE). It impacts both the curl command-line tool and libcurl.
Vulnerability card for CVE-2023-38545 on SOCRadar
Researchers reported that curl version …