cURL and libcurl Vulnerability Affecting Cisco Products: October 2023

On October 11, 2023, cURL released Version 8.4.0 of the cURL utility and the libcurl library. This release addressed two security vulnerabilities: 

CVE-2023-38545 – High Security Impact Rating (SIR)
CVE-2023-38546 – Low SIR

This advisory covers CVE-2023-38545 only. For more information about CVE-2023-38545, see the cURL advisory.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-curl-libcurl-D9ds39cV

Security Impact Rating: High

CVE: CVE-2023-38545

Source:: Cisco Security Advisories