Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Summary

Curl/LibCurl Vulnerabilities multiple vulnerabilities reported.

Advisory release date

Product

  • uniFLOW Online

  • uniFLOW Server

  • sysHub

  • Internal Customer Hosted Services

CVE

CVE-2023-38545
CVE-2023-38546
CVE-2023-38039

...

The severity varies based on the below vulnerabilities.

  • CVE-2023-38545: HIGH

  • CVE-2023-38546: MEDIUM

  • CVE-2023-38039: LOW

Summary of Vulnerability

CURL libraries are used extensively in web development for almost 25 years. There are many versions and libraries with these vulnerabilities only impacted a subset of this.

Impact

NT-ware IT Operations and the Development teams have reviewed our products and services and concluded that we are not impacted by these CVE’s as we are either not using the library directly or are on a patched version.

...