Update of Curl.exe for Windows Server 2019 - CVE-2023-32001

Sharma, Raju 30 Reputation points

Hi Support team

Nessus found a vulnerability with curl

  • Curl Arbitrary File Write 7.x >= 7.84.0 / 8.x <= 8.1.2 (CVE-2023-32001) with Windows Server

We have 60 plus Windows Server 2019, and our current version of curl is 8.0.1. Kindly advise when are you going to release next patch to fix this vulnerability.

Thank you.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
10,606 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Brad Bateman 5 Reputation points

    After some research, it looks like this CVE has been retracted by the CURL security team in Aug 2023, and the CVE is in Rejected status now. So this vulnerability should be able to be ignored.


    https://curl.se/docs/CVE-2023-32001.html "As of August 2023, the curl security team has retracted this issue and we no longer consider this a curl security flaw."

    https://nvd.nist.gov/vuln/detail/CVE-2023-32001 "REJECTED CVE status"

    https://www.cve.org/ResourcesSupport/FAQs "A CVE Record listed as “REJECT” is a CVE Record that is not accepted as a CVE Record… As a rule, REJECT CVE Records should be ignored"

    1 person found this answer helpful.