Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

taaz@biglemmowski.win · 1 year ago

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

nathris@lemmy.ca · 1 year ago

Could be an RCE exploit. Doesn’t matter if it’s privilege escalation at that point because it can be used to execute a payload that can.

PowerCrazy@lemmy.ml · 1 year ago

I’ll admit i’m out of my depth about exactly how curl works on the local system, but surely if there is a vulnerability in the “libcurl” library that is much more serious and severe then just saying “curl” is vulnerable.

I’m assuming that libcurl touches a huge amount of the linux network stack.

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 · curl/curl · Discussion #12026