CVE-2023-38545,CVE-2023-38546 Curl Vulnerability of windows server

Budda Tarakesh 75 Reputation points
2023-10-16T02:31:33.4233333+00:00

Hi everyone,

Tenable found a vulnerability with Curl. It looks like Windows Server 2019 uses version 8.0.1 which is vulnerable.

Does microsoft plan to release a patch?

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,662 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  2. Hania Lian 21,181 Reputation points Microsoft Vendor
    2024-01-19T02:59:20.9666667+00:00

    Hello, Microsoft has included curl.exe version 8.4.0 in the Windows Update released on November 14, 2023, for currently supported on-premises versions of Windows clients and servers. I recommend that you download the installation KB5032196 in the Microsoft Update Catalog to address the vulnerability. Image More details please refer to this link: (CVE-2023-38545 - Security Update Guide - Microsoft - Hackerone: CVE-2023-38545 SOCKS5 heap buffer overflow). Best Regards, Hania Lian

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.