all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-38545: So you cURL, but will you cIRL?

Add to bookmarks
Oct. 11, 2023, midnight |

The GreyNoise Blog www.greynoise.io

On October 11th, 2023, a heap-based buffer overflow in curl was disclosed under the identifier CVE-2023-38545. The vulnerability affects libcurl 7.69.0 to and including 8.3.0. Vulnerable versions of libcurl may be embedded in existing applications. However, to reach the vulnerable code path, the application must be configured to utilize one of the SOCKS5 proxy modes and attempt to resolve a hostname with extraneous length.

application applications buffer buffer overflow code curl cve cve-2023-38545 embedded libcurl may october overflow path under vulnerability vulnerable

Visit resource

More from www.greynoise.io / The GreyNoise Blog

NetNoiseCon - Recapping our Debut Event 5 days, 14 hours ago | www.greynoise.io
advice career career advice event +8
2024 Verizon DBIR: Surviving the Year of the Vuln 1 week, 4 days ago | www.greynoise.io
attacks breach cyber cyber attacks +16
What We're Reading: April 2024 1 week, 6 days ago | www.greynoise.io
april articles attention books +11
Exploring GreyNoise: The User-Centric Design Approach in Cybersecurity 2 weeks, 5 days ago | www.greynoise.io
accessibility cybersecurity design discover +6
Decrypting Fortinet's FortiOS 7.0.x 2 weeks, 6 days ago | www.greynoise.io
algorithm chacha20 doing encryption +10
GreyNoise Tags Its Way to 1337 Elite Status 3 weeks, 3 days ago | www.greynoise.io
greynoise led sift tag +2
CVE-2024-3400: Command Injection Vulnerability in Palo Alto Networks PAN-OS 4 weeks ago | www.greynoise.io
alto april arbitrary code attackers +26
Artificial Intelligence, Real Intel: How GreyNoise is Leveraging AI Advances to Improve Intelligence for Discovery, … 1 month ago | www.greynoise.io
artificial artificial intelligence attack copilot +17
CVE-2024-3273: D-Link NAS RCE Exploited in the Wild 1 month ago | www.greynoise.io
code code execution critical cve +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cyber Security Network Engineer

@ Nine | North Sydney, Australia
View on infosec-jobs.com

Professional, IAM Security

@ Ingram Micro | Manila Shared Services Center
View on infosec-jobs.com

Principal Windows Threat & Detection Security Researcher (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Security Engineer - IT Infra Security Architecture

@ Coupang | Seoul, South Korea
View on infosec-jobs.com

Senior Security Engineer

@ LiquidX | Singapore, Central Singapore, Singapore
View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico
View on infosec-jobs.com
View more jobs