Skip to main content
Pure Technical Services

Security Bulletin for cURL/libcurl Vulnerability CVE-2023-38545 and CVE-2023-38546

Currently viewing public documentation. Please login to access the full scope of documentation.


Summary  Edit section Edit section

On October 11, 2023, cURL released Version 8.4.0 of the cURL utility and the libcurl library. This release addressed two security vulnerabilities CVE-2023-38545 (high severity) and CVE-2023-38546 (low severity) affecting cURL and libcurl. 

PureStorage has confirmed that FlashArray and FlashBlade are NOT affected by these vulnerabilities. 

Corrective Action  Edit section

No corrective action is required.