Here's What You Need to Know about the Upcoming Curl Security Patches
1 min read
Oct 10, 2023
Developers behind the open source library described one Curl vulnerability as one of the worst they've ever encountered.
The developers behind the Curl library are set to release a patch for two as-yet-undisclosed vulnerabilities that present a serious risk to the thousands of software applications that use the library every day.
Curl 8.4.0 will drop at 6:00 UTC on October 11, less than a month after the release of Curl 8.3.0, in a scramble to address the flaws before attackers can exploit them.
The vulnerabilities are tracked as CVE-2023-38545 and CVE-2023-38546, with severity ratings of ‘high’ and ‘low’ respectively.
Curl creator Daniel Stenberg stated that CVE-2023-38545 is “probably the worst curl security flaw in a long time”.
Related Articles
1 - 0 min read
Millions Of GitHub Repositories Infected With Malicious Code
1 - 0 min read
Ubuntu Tool Could Trick Users Into Installing Rogue Packages
1 - 0 min read
Joomla XSS Bug Puts Millions of Websites at Risk of RCE
