all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-38545: High Severity cURL Vulnerability Detection

Add to bookmarks
Oct. 12, 2023, 3:35 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

On October 11 a new version of curl (8.4.0) was released, where a couple of new vulnerabilities were fixed (CVE-2023-38545 with severity HIGH and CVE-2023-38546 with severity LOW). These issues were previously announced in the project’s discussion. At the time of this blog, there have been several proof of concepts released for CVE-2023-38545 which result in crashes, but not exploitation.




  • CVE-2023-38545 is a SOCKS5 heap buffer overflow. This flaw makes curl overflow a heap-based buffer in the …

blog concepts curl curl vulnerability cve cve-2023-38545 cve-2023-38546 detection high low october project proof severity version vulnerabilities vulnerability vulnerability detection

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Malware Simulators cannot test Antivirus Software 9 hours ago | malware.news
malware analysis topic
Ready2Run - Is dnSpy dead? 9 hours ago | malware.news
malware analysis topic
Security above all else—expanding Microsoft’s Secure Future Initiative 12 hours ago | malware.news
cyberattacks cybersecurity future high +11
FBI warns of email spoofing by North Korean threat actor Kimsuky 15 hours ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 19 hours ago | malware.news
accounts can consumer cracked +10
Attackers evade detection by leveraging Microsoft Graph API 19 hours ago | malware.news
api article attackers cloud +15
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383 20 hours ago | malware.news
article cisco credit credit monitoring +8
Code faster with generative AI, but beware the risks when you do 20 hours ago | malware.news
article can code coding +13
Proposed Bill Focuses on Voluntary AI Security Incident Reporting 20 hours ago | malware.news
ai security bill companies cybersecurity +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Lead Security Specialist

@ Fujifilm | Holly Springs, NC, United States
View on infosec-jobs.com

Security Operations Centre Analyst

@ Deliveroo | Hyderabad, India (Main Office)
View on infosec-jobs.com

CISOC Analyst

@ KCB Group | Kenya
View on infosec-jobs.com

Lead Security Engineer – Red Team/Offensive Security

@ FICO | Work from Home, United States
View on infosec-jobs.com

Cloud Security SME

@ Maveris | Washington, District of Columbia, United States - Remote
View on infosec-jobs.com

SOC Analyst (m/w/d)

@ Bausparkasse Schwäbisch Hall | Schwäbisch Hall, DE
View on infosec-jobs.com
View more jobs