KACE response to the Curl Vulnerability CVE-2023-38545 & Libcurl Vulnerability CVE-2023-38546
说明
This article addresses the status of the KACE SMA, KACE SDA, and KACE Cloud products regarding published vulnerabilities related to Curl & Libcurl. For more details about the vulnerability please refer to: CVE-2023-38545, addresses a buffer overflow flaw that impacts both libcurl and the curl command line tool. The overflow can occur during a SOCKS5 handshake. CVE-2023-38546 is associated with a cookie injection flaw, but curl maintainers suggest that the series of conditions that must be met makes the likelihood of exploitation low.