Understanding the latest curl vulnerabilities: CVE-2023-38545 and CVE-2023-38546

We have published a blog post on the latest curl vulnerabilities:

https://www.lacework.com/blog/understanding-the-latest-curl-vulnerabilities-cve-2023-38545-and-cve-2023-38546/

These vulnerabilities requires a very specific set of conditions to be exploited, such as the use of a SOCKS5 proxy or local access to the machine.

Agent

N/A

Platform

Using Lacework/Operationalizing

Cloud

N/A