Patches have been released for two security flaws impacting the Curl data transfer library, the most severe of which could potentially result in code execution.
The list of vulnerabilities is as follows –
CVE-2023-38545 (CVSS score: 7.5) – SOCKS5 heap-based buffer overflow vulnerability
CVE-2023-38546 (CVSS score: 5.0) – Cookie injection with none file
CVE-2023-38545 is the more severe of the
Source:: The Hackers News