Skip to main content
Pure Technical Services

Security Bulletin for cURL/libcurl Vulnerability CVE-2023-38545 and CVE-2023-38546

Currently viewing public documentation. Please login to access the full scope of documentation.

author_pureicon.png

Summary  Edit section Edit section

On October 11, 2023, cURL released Version 8.4.0 of the cURL utility and the libcurl library. This release addressed two security vulnerabilities CVE-2023-38545 (high severity) and CVE-2023-38546 (low severity) affecting cURL and libcurl. 

PureStorage has confirmed that FlashArray and FlashBlade are NOT affected by these vulnerabilities. 

Corrective Action  Edit section

No corrective action is required.