/
2023: Security Advisory: CURL/LibCURL Vulnerabilities

2023: Security Advisory: CURL/LibCURL Vulnerabilities

Owned by Jason Apel, created
Last updated: Nov 15, 2023
1 min read

Summary

Curl/LibCurl Vulnerabilities multiple vulnerabilities reported.

Advisory release date

Oct 11, 2023

Product

  • uniFLOW Online

  • uniFLOW Server

  • sysHub

  • Internal Customer Hosted Services

CVE

CVE-2023-38545
CVE-2023-38546
CVE-2023-38039

Severity

The severity varies based on the below vulnerabilities.

  • CVE-2023-38545: HIGH

  • CVE-2023-38546: MEDIUM

  • CVE-2023-38039: LOW

Summary of Vulnerability

CURL libraries are used extensively in web development for almost 25 years. There are many versions and libraries with these vulnerabilities only impacted a subset of this.

Impact

NT-ware IT Operations and the Development teams have reviewed our products and services and concluded that we are not impacted by these CVE’s as we are either not using the library directly or are on a patched version.

 

 

 

Related content

NT-ware Security Advisories, Products and Services
NT-ware Security Advisories, Products and Services
NT-ware Support
Read with this
2022: Security Advisory: Vulnerability in Apache library.
2022: Security Advisory: Vulnerability in Apache library.
NT-ware Support
More like this
2022: Security Advisory: MOM Tech Support Vulnerability
2022: Security Advisory: MOM Tech Support Vulnerability
NT-ware Support
Read with this
2023: Security Advisory: libwebp Heap buffer overflow
2023: Security Advisory: libwebp Heap buffer overflow
NT-ware Support
More like this
NT-ware and Online Services DNS / IP addresses
NT-ware and Online Services DNS / IP addresses
NT-ware Support
Read with this
2022: Security Advisory: Spring4Shell Java Spring Framework
2022: Security Advisory: Spring4Shell Java Spring Framework
NT-ware Support
More like this