Vulnerabilities impacting the widely used curl open source tool used for various network protocols will be addressed in an update to be issued on Wednesday, reports The Record, a news site by cybersecurity firm Recorded Future. Included in the fixed flaws are a high severity bug, tracked as CVE-2023-38545, impacting curl and the tool’s libcurl library that has been noted by a maintainer to be the most severe vulnerability impacting the tool in a long time, and a low severity issue, tracked as CVE-2023-38546 affecting libcurl alone.
Source: SC Magazine