Forum Discussion
Anonymous
2 years ago
CVE-2023-38545: Heap-based Buffer Overflow in curl
On October 3, Daniel Stenberg, a maintainer of curl, announced that a new high severity vulnerability would be fixed in curl 8.4.0, and that the fi...
kbull
2 years ago
Connect Contributor
The VPR Scoring for Plugin 182875 for the Curl 7.69 < 8.4.0 Heap Buffer Overflow was just raised to a Critical 9.2 severity. The CVE Base Score is still high at an 8.4.
The official stance from curl.se still seems to be to upgrade with extreme caution because an upgrade is likely to break other services or software in your OS.
Has anyone heard if Microsoft has any plans to release a patch?