First published: Tue Oct 03 2023(Updated: )
curl. Multiple issues were addressed by updating to curl version 8.4.0.
Credit: support@hackerone.com CVE-2023-38545 CVE-2023-38039 CVE-2023-38546 CVE-2023-42915 support@hackerone.com support@hackerone.com CVE-2023-38545 CVE-2023-38039 CVE-2023-38546 CVE-2023-38545 CVE-2023-38039 CVE-2023-38546 CVE-2023-38545 CVE-2023-38039 CVE-2023-38546
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows Server 2019 | ||
Microsoft Windows 11 | =23H2 | |
Microsoft Windows 11 | =22H2 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 11 | =22H2 | |
Microsoft Windows 11 | =23H2 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows 11 | =21H2 | |
Microsoft Windows Server 2022 | ||
Microsoft Windows Server 2022 | ||
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 11 | =22H2 | |
Microsoft Windows 11 | =23H2 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows 11 | =23H2 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 11 | =22H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows Server 2022 | ||
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows Server 2022 | ||
Apple iOS | <16.7.5 | 16.7.5 |
Apple iPadOS | <16.7.5 | 16.7.5 |
redhat/curl | <8.4.0 | 8.4.0 |
Apple macOS Ventura | <13.6.4 | 13.6.4 |
Apple macOS Monterey | <12.7.3 | 12.7.3 |
ubuntu/curl | <7.81.0-1ubuntu1.14 | 7.81.0-1ubuntu1.14 |
ubuntu/curl | <7.88.1-8ubuntu2.3 | 7.88.1-8ubuntu2.3 |
ubuntu/curl | <8.2.1-1ubuntu3.1 | 8.2.1-1ubuntu3.1 |
ubuntu/curl | <8.2.1-1ubuntu3.1 | 8.2.1-1ubuntu3.1 |
IBM Storage Protect for Virtual Environments: Data Protection for VMware | <=8.1.0.0 - 8.1.22.0 | |
Haxx Libcurl | >=7.69.0<8.4.0 | |
Fedoraproject Fedora | =37 | |
Netapp Active Iq Unified Manager Vmware Vsphere | ||
Netapp Active Iq Unified Manager Windows | ||
NetApp OnCommand Insight | ||
NetApp OnCommand Workflow Automation | ||
Microsoft Windows 10 1809 | <10.0.17763.5122 | |
Microsoft Windows 10 21h2 | <10.0.19044.3693 | |
Microsoft Windows 10 22h2 | <10.0.19045.3693 | |
Microsoft Windows 11 21h2 | <10.0.22000.2600 | |
Microsoft Windows 11 22h2 | <10.0.22621.2715 | |
Microsoft Windows 11 23h2 | <10.0.22631.2715 | |
Microsoft Windows Server 2019 | <10.0.17763.5122 | |
Microsoft Windows Server 2022 | <10.0.20348.2113 | |
Microsoft 365 Apps for Enterprise | ||
Microsoft 365 Apps for Enterprise | ||
Microsoft Office LTSC 2021 for 64-bit editions | ||
Microsoft Office 2019 for 64-bit editions | ||
Microsoft Office LTSC 2021 for 32-bit editions | ||
Microsoft Office 2019 for 32-bit editions | ||
Apple macOS Sonoma | <14.2 | 14.2 |
debian/curl | 7.74.0-1.3+deb11u12 7.74.0-1.3+deb11u11 7.88.1-10+deb12u6 7.88.1-10+deb12u5 8.8.0-4 8.9.1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
The vulnerability ID for this security advisory is CVE-2023-38545.
The title of the security advisory is [SECURITY ADVISORY] curl: CVE-2023-38545: SOCKS5 heap buffer overflow.
The severity of this vulnerability has not been specified.
The affected software is curl, with specific versions mentioned in the security advisory.
You can fix this vulnerability by updating curl to the recommended versions provided in the security advisory.