CVE-2023-38545: Curl and libcurl CVE-2023-38545 and CVE-2023-38546 vulnerabilities

First published: Tue Oct 03 2023(Updated: )

Accessibility. A privacy issue was addressed with improved private data redaction for log entries.

Credit: support@hackerone.com CVE-2023-38545 CVE-2023-38039 CVE-2023-38546 CVE-2023-42915 Noah Roskin-Frazee Pr Ivan Fratric Google Project Zero Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeMickey Jin @patch1t an anonymous researcher Marc Newlin SkySafeKoh M. Nakagawa @tsunek0h Yann GASCUEL Alter SolutionsAnthony Cruz Tyrant Corp @App Wojciech Regula SecuRingZhenjiang Zhao Pangu TeamQianxin Junsung Lee Meysam Firouzi @R00tkitSMM Pan ZhenPeng @Peterpan0927 STAR Labs SG PteEloi Benoist-Vanderbeken @elvanderb SynacktivCVE-2023-42893 CVE-2023-3618 CVE-2020-19185 CVE-2020-19186 CVE-2020-19187 CVE-2020-19188 CVE-2020-19189 CVE-2020-19190 Ron Masas BreakPointCsaba Fitzl @theevilbit OffSecCsaba Fitzl @theevilbit Offensive SecurityArsenii Kostromin (0x3c3e) Mattie Behrens Joshua Jewett @JoshJewett33 Zhongquan Li @Guluisacat Zhongquan Li @Guluisacat Dawn Security Lab of JingDongCVE-2023-5344 Pwn2car Zoom Offensive Security Team Nan Wang @eternalsakura13 360 Vulnerability Research Instituterushikesh nandedkar SungKwon Lee (Demon.Team) Kirin @Pwnrin Don Clarke

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/oss-sec
• alias/CVE-2023-38545
• collector/msrc
• collector/nvd-index
• agent/type
• agent/first-publish-date
• collector/msrc-cve
• source/Microsoft
• agent/software-canonical-lookup
• agent/remedy
• collector/launchpad-cve
• source/Launchpad
• collector/epss-latest
• source/FIRST
• agent/epss
• collector/redhat-bugzilla
• source/Red Hat
• collector/apple-support
• source/Apple
• alias/CVE-2023-38039
• alias/CVE-2023-38546
• collector/usn-cve
• source/Ubuntu
• collector/security-tracker-debian
• source/Debian
• collector/fortiguard-psirt-latest
• source/FortiGuard
• agent/title
• collector/mitre-cve
• source/MITRE
• agent/severity
• agent/trending
• agent/source
• agent/software-canonical-lookup-request
• collector/ibm-support
• source/IBM
• agent/references
• agent/last-modified-date
• agent/author
• agent/weakness
• agent/description
• alias/CVE-2023-42901
• alias/CVE-2023-42902
• alias/CVE-2023-42912
• alias/CVE-2023-42903
• alias/CVE-2023-42904
• alias/CVE-2023-42905
• alias/CVE-2023-42906
• alias/CVE-2023-42907
• alias/CVE-2023-42908
• alias/CVE-2023-42909
• alias/CVE-2023-42910
• alias/CVE-2023-42911
• alias/CVE-2023-42926
• alias/CVE-2023-42882
• alias/CVE-2023-42881
• alias/CVE-2023-42924
• alias/CVE-2023-42896
• alias/CVE-2023-42884
• alias/CVE-2023-45866
• alias/CVE-2023-42900
• alias/CVE-2023-42886
• alias/CVE-2023-42931
• alias/CVE-2023-42892
• alias/CVE-2023-42922
• alias/CVE-2023-42898
• alias/CVE-2023-42899
• alias/CVE-2023-42888
• alias/CVE-2023-42891
• alias/CVE-2023-42974
• alias/CVE-2023-42914
• alias/CVE-2023-42893
• alias/CVE-2023-3618
• alias/CVE-2020-19185
• alias/CVE-2020-19186
• alias/CVE-2020-19187
• alias/CVE-2020-19188
• alias/CVE-2020-19189
• alias/CVE-2020-19190
• alias/CVE-2023-42887
• alias/CVE-2023-42936
• alias/CVE-2023-40390
• alias/CVE-2023-42842
• alias/CVE-2023-42930
• alias/CVE-2023-42913
• alias/CVE-2023-42932
• alias/CVE-2023-42947
• alias/CVE-2023-40389
• alias/CVE-2023-5344
• alias/CVE-2023-42890
• alias/CVE-2023-42883
• alias/CVE-2023-42950
• alias/CVE-2023-42956
• alias/CVE-2023-42919
• alias/CVE-2023-42894
• alias/CVE-2023-42937
• agent/event
• alias/CVE-2023-42915
• agent/softwarecombine
• agent/tags
• collector/nvd-api
• source/NVD
• collector/nvd-cve
• collector/fortiguard-psirt
• vendor/microsoft
• canonical/microsoft windows server 2019
• canonical/microsoft windows 11
• version/microsoft windows 11/23h2
• version/microsoft windows 11/22h2
• version/microsoft windows 11/21h2
• canonical/microsoft windows server 2022
• canonical/microsoft windows 10
• version/microsoft windows 10/21h2
• version/microsoft windows 10/22h2
• version/microsoft windows 10/1809
• package-manager/redhat
• vendor/apple
• canonical/apple macos monterey
• package-manager/ubuntu
• canonical/microsoft 365 apps for enterprise
• canonical/microsoft office ltsc 2021 for 64-bit editions
• canonical/microsoft office 2019 for 64-bit editions
• canonical/microsoft office ltsc 2021 for 32-bit editions
• canonical/microsoft office 2019 for 32-bit editions
• package-manager/debian
• canonical/apple macos
• vendor/ibm
• canonical/ibm spectrum protect for virtual environments: data protection for vmware
• version/ibm spectrum protect for virtual environments: data protection for vmware/8.1.0.0 - 8.1.22.0
• canonical/apple ios, ipados, and watchos
• vendor/haxx
• canonical/libcurl
• version/libcurl/7.69.0
• vendor/fedoraproject
• canonical/fedora
• version/fedora/37
• vendor/netapp
• canonical/netapp active iq unified manager for vmware vsphere
• canonical/netapp active iq unified manager windows
• canonical/netapp oncommand insight
• canonical/netapp oncommand workflow automation
• canonical/microsoft windows 10 1809
• canonical/microsoft windows 10 21h2
• canonical/microsoft windows 10 22h2
• canonical/microsoft windows 11 21h2
• canonical/microsoft windows 11 22h2
• canonical/microsoft windows 11 23h2
• vendor/fortinet
• canonical/fortinet fortiextender firmware
• version/fortinet fortiextender firmware/7.4.0
• version/fortinet fortiextender firmware/7.4.1
• version/fortinet fortiextender firmware/7.2.0
• version/fortinet fortiextender firmware/7.2.3
• canonical/fortinet fortios
• version/fortinet fortios/7.4.0
• version/fortinet fortios/7.4.1
• version/fortinet fortios/7.2.0
• version/fortinet fortios/7.2.6
• version/fortinet fortios/7.0.1
• version/fortinet fortios/7.0.13
• canonical/fortinet fortiproxy
• version/fortinet fortiproxy/7.4.0
• version/fortinet fortiproxy/7.4.1
• version/fortinet fortiproxy/7.2.0
• version/fortinet fortiproxy/7.2.7
• version/fortinet fortiproxy/7.0