返回
-
标题
KACE response to the Curl Vulnerability CVE-2023-38545 & Libcurl Vulnerability CVE-2023-38546 -
说明
This article addresses the status of the KACE SMA, KACE SDA, and KACE Cloud products regarding published vulnerabilities related to Curl & Libcurl.
For more details about the vulnerability please refer to:
CVE-2023-38545, addresses a buffer overflow flaw that impacts both libcurl and the curl command line tool. The overflow can occur during a SOCKS5 handshake.
CVE-2023-38546 is associated with a cookie injection flaw, but curl maintainers suggest that the series of conditions that must be met makes the likelihood of exploitation low.