Details about two vulnerabilities (CVE-2023-38545, CVE-2023-38546) in curl, a foundational and widely used open-source software for data transfer via URLs, are to be released on Wednesday, October 11. Daniel Stenberg, the original author and lead developer, has said that the more severe of the two vulnerabilities “is probably the worst curl security flaw in a long time.” About curl and the vulnerabilities Curl (a command-line tool) and libcurl, a client-side URL transfer library, are developed … More

The post Be prepared to patch high-severity vulnerability in curl and libcurl appeared first on Help Net Security.